Total
24 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-6883 | 1 Matrixssl | 1 Matrixssl | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
MatrixSSL before 3.8.3 configured with RSA Cipher Suites allows remote attackers to obtain sensitive information via a Bleichenbacher variant attack. | |||||
CVE-2016-6891 | 1 Matrixssl | 1 Matrixssl | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Field primitive in an X.509 certificate. | |||||
CVE-2016-6887 | 1 Matrixssl | 1 Matrixssl | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow remote attackers to predict the secret key via a CRT attack. | |||||
CVE-2016-6886 | 1 Matrixssl | 1 Matrixssl | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The pstm_reverse function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid memory read and crash) via a (1) zero value or (2) the key's modulus for the secret key during RSA key exchange. |