Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
matrixssl matrixssl vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2016-6890
Heap-based buffer overflow in MatrixSSL prior to 3.8.6 allows remote malicious users to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate.
Matrixssl Matrixssl
7.5
CVSSv2
CVE-2019-14431
In MatrixSSL 3.8.3 Open up to and including 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and possible Remote Code Execution in parseSSLHandshake in sslDecode.c. During processing of a crafted packet, t...
Matrixssl Matrixssl
7.5
CVSSv2
CVE-2019-13470
MatrixSSL prior to 4.2.1 has an out-of-bounds read during ASN.1 handling.
Matrixssl Matrixssl
7.5
CVSSv2
CVE-2019-10914
pubRsaDecryptSignedElementExt in MatrixSSL 4.0.1 Open, as used in Inside Secure TLS Toolkit, has a stack-based buffer overflow during X.509 certificate verification because of missing validation in psRsaDecryptPubExt in crypto/pubkey/rsa_pub.c.
Matrixssl Matrixssl
7.5
CVSSv2
CVE-2017-2780
An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability,...
Matrixssl Matrixssl 3.8.7b
7.5
CVSSv2
CVE-2017-2781
An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability,...
Matrixssl Matrixssl 3.8.7b
7.5
CVSSv2
CVE-2014-1569
The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) prior to 3.16.2.4 and 3.17.x prior to 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote malicious users to conduct data-smu...
Mozilla Network Security Services 3.16.2.1
Mozilla Network Security Services 3.16.2.0
Mozilla Network Security Services 3.17.2
Mozilla Network Security Services
Mozilla Network Security Services 3.16.2.2
Mozilla Network Security Services 3.17.1
Mozilla Network Security Services 3.17.0
7.5
CVSSv2
CVE-2004-2681
PeerSec MatrixSSL prior to 1.1 caches session keys for an indefinitely long time, which might make it easier for remote malicious users to hijack a session.
Peersec Networks Matrixssl
6.4
CVSSv2
CVE-2017-2782
An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a length counter to overflow, leading to a controlled out of bounds copy operation. To trigger this vulnerabilit...
Matrixssl Matrixssl 3.8.7b
5.8
CVSSv2
CVE-2004-2682
PeerSec MatrixSSL prior to 1.1 does not implement RSA blinding, which allows context-dependent malicious users to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the us...
Peersec Networks Matrixssl
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »