matrixssl

26 known vulnerabilities across versions
Vulnerabilities are listed by affected version.
CVE-2023-24609
>= 4.0.0 and <= 4.6.0
Matrix SSL 4.x through 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow for Client Hello Pre-Shared Key ext
7.5 HIGH
CVE-2022-46505
<= 4.5.1
An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse of an
7.5 HIGH
CVE-2022-43974
>= 4.0.0 and < 4.6.0
MatrixSSL 4.0.4 through 4.5.1 has an integer overflow in matrixSslDecodeTls13. A remote attacker might be able to send a crafted T
8.1 HIGH
CVE-2019-16747
< 4.2.2
In MatrixSSL before 4.2.2 Open, the DTLS server can encounter an invalid pointer free (leading to memory corruption and a daemon c
7.5 HIGH
CVE-2019-13629
<= 4.2.1
MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. This allows a local or a remote attacker
5.9 MEDIUM
CVE-2019-14431
>= 3.8.2 and <= 4.2.1
In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer ov
9.8 CRITICAL
CVE-2019-13470
< 4.2.1
MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling.
9.8 CRITICAL
CVE-2019-10914
<= 4.0.2
pubRsaDecryptSignedElementExt in MatrixSSL 4.0.1 Open, as used in Inside Secure TLS Toolkit, has a stack-based buffer overflow dur
9.8 CRITICAL
CVE-2018-12439
<= 3.9.5
MatrixSSL through 3.9.5 Open allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Pr
4.7 MEDIUM
CVE-2017-1000417
all versions
MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyUsage
5.3 MEDIUM
CVE-2017-1000415
all versions
MatrixSSL version 3.7.2 has an incorrect UTCTime date range validation in its X.509 certificate validation process resulting in so
5.9 MEDIUM
CVE-2017-2782
all versions
An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A special
6.5 MEDIUM
CVE-2017-2781
all versions
An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3
9.8 CRITICAL
CVE-2017-2780
all versions
An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3
9.8 CRITICAL
CVE-2016-6884
<= 3.8.2
TLS cipher suites with CBC mode in TLS 1.1 and 1.2 in MatrixSSL before 3.8.3 allow remote attackers to cause a denial of service (
6.5 MEDIUM
CVE-2016-6883
<= 3.8.2
MatrixSSL before 3.8.3 configured with RSA Cipher Suites allows remote attackers to obtain sensitive information via a Bleichenbac
5.9 MEDIUM
CVE-2016-6882
<= 3.8.6
MatrixSSL before 3.8.7, when the DHE_RSA based cipher suite is supported, makes it easier for remote attackers to obtain RSA priva
5.9 MEDIUM
CVE-2016-8671
<= 3.8.6
The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow remot
5.9 MEDIUM
CVE-2016-6887
<= 3.8.6
The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow remot
5.9 MEDIUM
CVE-2016-6886
<= 3.8.3
The pstm_reverse function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid memory read and
7.5 HIGH
CVE-2016-6885
<= 3.8.3
The pstm_exptmod function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid free and crash)
7.5 HIGH
CVE-2016-6892
<= 3.8.5
The x509FreeExtensions function in MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (free of unallocate
7.5 HIGH
CVE-2016-6891
<= 3.8.5
MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Field pri
7.5 HIGH
CVE-2016-6890
<= 3.8.5
Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject Alt N
9.8 CRITICAL
CVE-2004-2682
<= 1.0
PeerSec MatrixSSL before 1.1 does not implement RSA blinding, which allows context-dependent attackers to obtain the server's priv
CVE-2004-2681
<= 1.0
PeerSec MatrixSSL before 1.1 caches session keys for an indefinitely long time, which might make it easier for remote attackers to