Vulnerabilities > Matrixssl > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-01-09 CVE-2022-43974 Integer Overflow or Wraparound vulnerability in Matrixssl
MatrixSSL 4.0.4 through 4.5.1 has an integer overflow in matrixSslDecodeTls13.
network
low complexity
matrixssl CWE-190
critical
 9.8
9.8
2019-07-29 CVE-2019-14431 Improper Handling of Exceptional Conditions vulnerability in Matrixssl
In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and possible Remote Code Execution in parseSSLHandshake in sslDecode.c.
network
low complexity
matrixssl CWE-755
critical
 9.8
9.8
2019-07-09 CVE-2019-13470 Out-of-bounds Read vulnerability in Matrixssl
MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling.
network
low complexity
matrixssl CWE-125
critical
 9.8
9.8
2019-04-08 CVE-2019-10914 Improper Certificate Validation vulnerability in Matrixssl
pubRsaDecryptSignedElementExt in MatrixSSL 4.0.1 Open, as used in Inside Secure TLS Toolkit, has a stack-based buffer overflow during X.509 certificate verification because of missing validation in psRsaDecryptPubExt in crypto/pubkey/rsa_pub.c.
network
low complexity
matrixssl CWE-295
critical
 9.8
9.8
2017-06-22 CVE-2017-2782 Integer Overflow or Wraparound vulnerability in Matrixssl 3.8.7B
An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b.
network
low complexity
matrixssl CWE-190
critical
 9.1
9.1
2017-06-22 CVE-2017-2781 Out-of-bounds Write vulnerability in Matrixssl 3.8.7B
An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b.
network
low complexity
matrixssl CWE-787
critical
 9.8
9.8
2017-06-22 CVE-2017-2780 Out-of-bounds Write vulnerability in Matrixssl 3.8.7B
An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b.
network
low complexity
matrixssl CWE-787
critical
 9.8
9.8
2017-01-05 CVE-2016-6890 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Matrixssl
Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate.
network
low complexity
matrixssl CWE-119
critical
 9.8
9.8