Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
matrixssl matrixssl vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-43974
MatrixSSL 4.0.4 up to and including 4.5.1 has an integer overflow in matrixSslDecodeTls13. A remote attacker might be able to send a crafted TLS Message to cause a buffer overflow and achieve remote code execution. This is fixed in 4.6.0.
Matrixssl Matrixssl
9.8
CVSSv3
CVE-2019-14431
In MatrixSSL 3.8.3 Open up to and including 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and possible Remote Code Execution in parseSSLHandshake in sslDecode.c. During processing of a crafted packet, t...
Matrixssl Matrixssl
9.8
CVSSv3
CVE-2019-13470
MatrixSSL prior to 4.2.1 has an out-of-bounds read during ASN.1 handling.
Matrixssl Matrixssl
9.8
CVSSv3
CVE-2019-10914
pubRsaDecryptSignedElementExt in MatrixSSL 4.0.1 Open, as used in Inside Secure TLS Toolkit, has a stack-based buffer overflow during X.509 certificate verification because of missing validation in psRsaDecryptPubExt in crypto/pubkey/rsa_pub.c.
Matrixssl Matrixssl
9.8
CVSSv3
CVE-2017-2780
An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability,...
Matrixssl Matrixssl 3.8.7b
9.8
CVSSv3
CVE-2017-2781
An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability,...
Matrixssl Matrixssl 3.8.7b
9.8
CVSSv3
CVE-2016-6890
Heap-based buffer overflow in MatrixSSL prior to 3.8.6 allows remote malicious users to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate.
Matrixssl Matrixssl
9.1
CVSSv3
CVE-2017-2782
An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a length counter to overflow, leading to a controlled out of bounds copy operation. To trigger this vulnerabilit...
Matrixssl Matrixssl 3.8.7b
7.5
CVSSv3
CVE-2023-24609
Matrix SSL 4.x up to and including 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow for Client Hello Pre-Shared Key extension parsing in the TLS 1.3 server. An attacked device calculates an SHA-2 hash over at least 65 KB (in RAM). With a large number of cra...
Matrixssl Matrixssl
Rambus Tls Toolkit -
7.5
CVSSv3
CVE-2022-46505
An issue in MatrixSSL 4.5.1-open and previous versions leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data.
Matrixssl Matrixssl
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »