📌 Bugtraq: [security bulletin] - Linux Kernel Flaw, ASN.1 DER decoder for x509 certificate DER

📌 axTLS up to 2.1.3 ASN.1 x509.c sig_verify() Certificate denial of service

🕛 1463 Tage, 11 Stunden 49 Minuten
📆 10.04.2020 um 16:18 Uhr
📈 51.3 Punkte

📌 OpenSSL 1.0.1n/1.0.1o/1.0.2b/1.0.2c x509 Basic Constraints crypto/x509/x509_vfy.c X509_verify_cert spoofing

🕛 2030 Tage, 17 Stunden 47 Minuten
📆 09.07.2015 um 02:00 Uhr
📈 48.04 Punkte

📌 wolfSSL up to 4.1.0 ASN.1 Certificate wolfcrypt/src/asn.c CheckCertSignature_ex Heap-based memory corruption

🕛 1314 Tage, 17 Stunden 5 Minuten
📆 06.09.2020 um 10:24 Uhr
📈 45.59 Punkte

📌 CVE-2019-18840 | wolfSSL up to 4.2.0c ASN.1 Certificate wolfcrypt/src/asn.c out-of-bounds write (Issue 2555)

🕛 61 Tage, 18 Stunden 59 Minuten
📆 11.02.2024 um 09:37 Uhr
📈 45.59 Punkte

📌 CVE-2016-2053 | Google Android Kernel ASN.1 Decoder cryptographic issues (Nessus ID 93278 / ID 168927)

🕛 575 Tage, 12 Stunden 53 Minuten
📆 15.09.2022 um 14:42 Uhr
📈 36.52 Punkte

📌 Google Android Kernel ASN.1 Decoder erweiterte Rechte [CVE-2016-2053]

🕛 2770 Tage, 18 Stunden 7 Minuten
📆 06.09.2016 um 02:00 Uhr
📈 36.52 Punkte

📌 Google Android Kernel ASN.1 Decoder erweiterte Rechte [CVE-2016-2053]

🕛 2770 Tage, 18 Stunden 7 Minuten
📆 06.09.2016 um 02:00 Uhr
📈 36.52 Punkte

📌 [dos] wolfSSL 3.10.2 - x509 Certificate Text Parsing Off-by-One

🕛 2530 Tage, 9 Stunden 18 Minuten
📆 09.05.2017 um 00:00 Uhr
📈 32.98 Punkte

📌 axTLS up to 2.1.3 PKCS #1 x509.c sig_verify() Certificate spoofing

🕛 1463 Tage, 11 Stunden 49 Minuten
📆 10.04.2020 um 16:23 Uhr
📈 32.98 Punkte

📌 axTLS up to 2.1.3 PKCS #1 x509.c sig_verify() Certificate spoofing

🕛 1463 Tage, 11 Stunden 49 Minuten
📆 10.04.2020 um 16:20 Uhr
📈 32.98 Punkte

📌 Google Chrome 17.0.963.46 x509 Certificate input validation

🕛 1119 Tage, 8 Stunden 22 Minuten
📆 20.03.2021 um 20:45 Uhr
📈 32.98 Punkte

📌 Cisco ASA up to 9.1.1.4 x509 Certificate memory corruption

🕛 1054 Tage, 19 Stunden 36 Minuten
📆 24.05.2021 um 09:05 Uhr
📈 32.98 Punkte

📌 CVE-2022-48437 | OpenBSD/LibreSSL x509/x509_verify.c x509_verify_ctx_add_chain certificate validation

🕛 348 Tage, 20 Stunden 28 Minuten
📆 30.04.2023 um 08:14 Uhr
📈 32.98 Punkte

📌 OpenSSL up to 1.0.2w/1.1.1h x509 Certificate GENERAL_NAME_cmp null pointer dereference

🕛 1219 Tage, 17 Stunden 50 Minuten
📆 10.12.2020 um 11:09 Uhr
📈 32.98 Punkte

📌 GNU GnuTLS 3.1.0 up to 3.2.10 Version 1 Certificate lib/x509/verify.c gnutls_x509_verify_certificate access control

🕛 1038 Tage, 13 Stunden 36 Minuten
📆 09.06.2021 um 15:02 Uhr
📈 32.98 Punkte

📌 Check Point VPN-1/Firewall-1 ASN.1 Decoder Heap-based memory corruption

🕛 1750 Tage, 5 Stunden 29 Minuten
📆 28.06.2019 um 22:33 Uhr
📈 32.17 Punkte

📌 Crypto++ 5.6.4 ASN.1 BER Decoder denial of service

🕛 1689 Tage, 11 Stunden 35 Minuten
📆 28.08.2019 um 16:09 Uhr
📈 32.17 Punkte

📌 Bouncy Castle JCE Provider up to 1.55 ASN.1 Decoder privilege escalation

🕛 1523 Tage, 9 Stunden 21 Minuten
📆 10.02.2020 um 19:19 Uhr
📈 32.17 Punkte

📌 Mozilla Firefox up to 12.0 ASN.1 Decoder wsock32.dll memory corruption

🕛 1114 Tage, 18 Stunden 36 Minuten
📆 25.03.2021 um 10:20 Uhr
📈 32.17 Punkte

📌 CVE-2016-0758 | Google Android ASN.1 Decoder integer overflow (Nessus ID 93283 / ID 157314)

🕛 568 Tage, 18 Stunden 48 Minuten
📆 22.09.2022 um 09:19 Uhr
📈 32.17 Punkte

📌 Crypto++ 5.6.4 ASN.1 BER Decoder Denial of Service

🕛 2628 Tage, 19 Stunden 3 Minuten
📆 30.01.2017 um 01:00 Uhr
📈 32.17 Punkte

📌 wolfSSL 4.1.0 DER Certificate wolfcrypt/src/asn.c DecodeCertExtensions Heap-based memory corruption

🕛 1345 Tage, 11 Stunden 20 Minuten
📆 06.08.2020 um 16:27 Uhr
📈 28.32 Punkte

📌 Openweave-core 4.0.2 ASN.1 Certificate Heap-based memory corruption

🕛 1350 Tage, 9 Stunden 35 Minuten
📆 01.08.2020 um 18:32 Uhr
📈 27.28 Punkte

📌 strongSwan up to 5.5.2 ASN.1 Parser Crafted Certificate data processing

🕛 1203 Tage, 14 Stunden 21 Minuten
📆 26.12.2020 um 15:08 Uhr
📈 27.28 Punkte

📌 strongSwan bis 5.5.2 ASN.1 Parser Crafted Certificate Infinite Loop Denial of Service

🕛 2500 Tage, 8 Stunden 49 Minuten
📆 08.06.2017 um 00:00 Uhr
📈 27.28 Punkte

📌 Google Go up to 1.13.12/1.14.4 X.509 Certificate Verification Certificate.Verify certificate validation

🕛 1255 Tage, 13 Stunden 35 Minuten
📆 04.11.2020 um 14:44 Uhr
📈 26.88 Punkte

📌 Faye up to 1.3.x Certificate Verification EM::Connection#start_tls TLS Certificate certificate validation

🕛 1253 Tage, 7 Stunden 35 Minuten
📆 06.11.2020 um 21:05 Uhr
📈 26.88 Punkte

📌 faye-websocket up to 0.10.x Certificate Verification Faye::WebSocket::Client TLS Certificate certificate validation

🕛 1253 Tage, 7 Stunden 35 Minuten
📆 06.11.2020 um 20:56 Uhr
📈 26.88 Punkte

📌 OpenSSL x509 Parsing Double-Free / Invalid-Free

🕛 2739 Tage, 11 Stunden 7 Minuten
📆 11.10.2016 um 21:32 Uhr
📈 24.02 Punkte

📌 OpenSSL x509 Parsing Double-Free / Invalid-Free

🕛 2739 Tage, 11 Stunden 7 Minuten
📆 11.10.2016 um 21:32 Uhr
📈 24.02 Punkte

📌 gnu gnutls up to 1.0.16 lib/x509/verify.c _gnutls_x509_verify_certificate spoofing

🕛 1697 Tage, 9 Stunden 28 Minuten
📆 20.08.2019 um 18:13 Uhr
📈 24.02 Punkte

📌 OpenSSL 1.0.1s/1.0.2g EBCDIC crypto/x509/x509_obj.c X509_NAME_oneline memory corruption

🕛 1978 Tage, 20 Stunden 17 Minuten
📆 03.05.2016 um 02:00 Uhr
📈 24.02 Punkte

📌 gnu gnutls up to 2.6.1 Certificates lib/x509/verify.c _gnutls_x509_verify_certificate spoofing

🕛 1682 Tage, 8 Stunden 37 Minuten
📆 04.09.2019 um 17:15 Uhr
📈 24.02 Punkte

📌 Ruby up to 2.3.7/2.4.4/2.5.1/2.6.0-preview2 OpenSSL Library OpenSSL::X509::Name weak authentication

🕛 1460 Tage, 10 Stunden 50 Minuten
📆 13.04.2020 um 17:01 Uhr
📈 24.02 Punkte

📌 Google Go up to 1.10.5/1.11.2 crypto-x509 Package CPU Exhaustion denial of service

🕛 1452 Tage, 19 Stunden 35 Minuten
📆 21.04.2020 um 09:06 Uhr
📈 24.02 Punkte

🏠 Team IT Security News

📚 Bugtraq: [security bulletin] - Linux Kernel Flaw, ASN.1 DER decoder for x509 certificate DER

Sharing is caring on Social Media

Join the Team IT Security Community

📌 axTLS up to 2.1.3 ASN.1 x509.c sig_verify() Certificate denial of service

📌 OpenSSL 1.0.1n/1.0.1o/1.0.2b/1.0.2c x509 Basic Constraints crypto/x509/x509_vfy.c X509_verify_cert spoofing

📌 wolfSSL up to 4.1.0 ASN.1 Certificate wolfcrypt/src/asn.c CheckCertSignature_ex Heap-based memory corruption

📌 CVE-2019-18840 | wolfSSL up to 4.2.0c ASN.1 Certificate wolfcrypt/src/asn.c out-of-bounds write (Issue 2555)

📌 CVE-2016-2053 | Google Android Kernel ASN.1 Decoder cryptographic issues (Nessus ID 93278 / ID 168927)

📌 Google Android Kernel ASN.1 Decoder erweiterte Rechte [CVE-2016-2053]

📌 Google Android Kernel ASN.1 Decoder erweiterte Rechte [CVE-2016-2053]

📌 [dos] wolfSSL 3.10.2 - x509 Certificate Text Parsing Off-by-One

📌 axTLS up to 2.1.3 PKCS #1 x509.c sig_verify() Certificate spoofing

📌 axTLS up to 2.1.3 PKCS #1 x509.c sig_verify() Certificate spoofing

📌 Google Chrome 17.0.963.46 x509 Certificate input validation

📌 Cisco ASA up to 9.1.1.4 x509 Certificate memory corruption

📌 CVE-2022-48437 | OpenBSD/LibreSSL x509/x509_verify.c x509_verify_ctx_add_chain certificate validation

📌 OpenSSL up to 1.0.2w/1.1.1h x509 Certificate GENERAL_NAME_cmp null pointer dereference

📌 GNU GnuTLS 3.1.0 up to 3.2.10 Version 1 Certificate lib/x509/verify.c gnutls_x509_verify_certificate access control

📌 Check Point VPN-1/Firewall-1 ASN.1 Decoder Heap-based memory corruption

📌 Crypto++ 5.6.4 ASN.1 BER Decoder denial of service

📌 Bouncy Castle JCE Provider up to 1.55 ASN.1 Decoder privilege escalation

📌 Mozilla Firefox up to 12.0 ASN.1 Decoder wsock32.dll memory corruption

📌 CVE-2016-0758 | Google Android ASN.1 Decoder integer overflow (Nessus ID 93283 / ID 157314)

📌 Crypto++ 5.6.4 ASN.1 BER Decoder Denial of Service

📌 wolfSSL 4.1.0 DER Certificate wolfcrypt/src/asn.c DecodeCertExtensions Heap-based memory corruption

📌 Openweave-core 4.0.2 ASN.1 Certificate Heap-based memory corruption

📌 strongSwan up to 5.5.2 ASN.1 Parser Crafted Certificate data processing

📌 strongSwan bis 5.5.2 ASN.1 Parser Crafted Certificate Infinite Loop Denial of Service

📌 Google Go up to 1.13.12/1.14.4 X.509 Certificate Verification Certificate.Verify certificate validation

📌 Faye up to 1.3.x Certificate Verification EM::Connection#start_tls TLS Certificate certificate validation

📌 faye-websocket up to 0.10.x Certificate Verification Faye::WebSocket::Client TLS Certificate certificate validation

📌 OpenSSL x509 Parsing Double-Free / Invalid-Free

📌 OpenSSL x509 Parsing Double-Free / Invalid-Free

📌 gnu gnutls up to 1.0.16 lib/x509/verify.c _gnutls_x509_verify_certificate spoofing

📌 OpenSSL 1.0.1s/1.0.2g EBCDIC crypto/x509/x509_obj.c X509_NAME_oneline memory corruption

📌 gnu gnutls up to 2.6.1 Certificates lib/x509/verify.c _gnutls_x509_verify_certificate spoofing

📌 Ruby up to 2.3.7/2.4.4/2.5.1/2.6.0-preview2 OpenSSL Library OpenSSL::X509::Name weak authentication

📌 Google Go up to 1.10.5/1.11.2 crypto-x509 Package CPU Exhaustion denial of service