Search CVE reports
181 – 190 of 42899 results
X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier (wolfSSL_X509_verify_cert()). This affects only builds with --enable-opensslextra (OPENSSL_EXTRA) and whose application validates certificates by calling...
1 affected package
wolfssl
| Package | 22.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
Certificates with wildcard DNS SANs (e.g. *.example.com) bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be rejected by the issuing CA's permitted/excluded DNS name constraints could be accepted.
1 affected package
wolfssl
| Package | 22.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
The X25519 x86_64 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully reduced modulo the field prime 2^255 - 19. This can leave the field...
1 affected package
wolfssl
| Package | 22.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
wolfSSL's AVX2-optimized ML-KEM implementation (mlkem_cmp_avx2) compares only 1536 of the 1568 ciphertext bytes during the Fujisaki-Okamoto re-encryption check in ML-KEM-1024 decapsulation. Ciphertexts that differ from the...
1 affected package
wolfssl
| Package | 22.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
A use-after-free in the gf_filter_pid_inst_swap function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted media file.
1 affected package
gpac
| Package | 22.04 LTS |
|---|---|
| gpac | Needs evaluation |
A use-after-free in the gf_sei_load_from_state_internal function (/filters/sei_load.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MPEG-2 TS file.
1 affected package
gpac
| Package | 22.04 LTS |
|---|---|
| gpac | Needs evaluation |
RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c that allows attackers to trigger memory corruption by failing to clamp satellite count values from RINEX epoch headers....
1 affected package
rtklib
| Package | 22.04 LTS |
|---|---|
| rtklib | Needs evaluation |
RTKLIB through 2.4.3 contains an out-of-bounds read vulnerability in getcodepri function when processing unrecognized RINEX observation codes, allowing attackers to trigger denial of service. Crafted RINEX files with unknown...
1 affected package
rtklib
| Package | 22.04 LTS |
|---|---|
| rtklib | Needs evaluation |
RTKLIB through 2.4.3 contains an off-by-one out-of-bounds read vulnerability in the decode_ssr3 function at src/rtcm3.c:1446 that allows remote attackers to trigger a global buffer overflow via crafted RTCM3 SSR messages with...
1 affected package
rtklib
| Package | 22.04 LTS |
|---|---|
| rtklib | Needs evaluation |
RTKLIB through 2.4.3 contains an out-of-bounds write vulnerability in decode_type1033 function that fails to clamp length counters to destination buffer size, allowing up to 191-byte overflow into fixed 64-byte descriptor fields....
1 affected package
rtklib
| Package | 22.04 LTS |
|---|---|
| rtklib | Needs evaluation |