Vulnerabilities > Matrixssl > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-01-09 CVE-2022-43974 Integer Overflow or Wraparound vulnerability in Matrixssl
MatrixSSL 4.0.4 through 4.5.1 has an integer overflow in matrixSslDecodeTls13.
network
low complexity
matrixssl CWE-190
critical
9.8
2019-07-29 CVE-2019-14431 Improper Handling of Exceptional Conditions vulnerability in Matrixssl
In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and possible Remote Code Execution in parseSSLHandshake in sslDecode.c.
network
low complexity
matrixssl CWE-755
critical
9.8
2017-06-22 CVE-2017-2781 Out-of-bounds Write vulnerability in Matrixssl 3.8.7B
An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b.
network
low complexity
matrixssl CWE-787
critical
9.8
2017-06-22 CVE-2017-2780 Out-of-bounds Write vulnerability in Matrixssl 3.8.7B
An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b.
network
low complexity
matrixssl CWE-787
critical
9.8
2017-01-05 CVE-2016-6890 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Matrixssl
Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate.
network
low complexity
matrixssl CWE-119
critical
10.0