Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Cyassl Security Vulnerabilities

cve
cve

CVE-2014-2899

wolfSSL CyaSSL before 2.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via (1) a request for the peer certificate when a certificate parsing failure occurs or (2) a client_key_exchange message when the ephemeral key is not...

9.1AI Score

0.053EPSS

2014-04-22 02:23 PM
16
cve
cve

CVE-2014-2900

wolfSSL CyaSSL before 2.9.4 does not properly validate X.509 certificates with unknown critical extensions, which allows man-in-the-middle attackers to spoof servers via crafted X.509...

9.2AI Score

0.001EPSS

2014-04-22 02:23 PM
20
cve
cve

CVE-2013-1623

The TLS and DTLS implementations in wolfSSL CyaSSL before 2.5.0 do not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks.....

6.7AI Score

0.003EPSS

2013-02-08 07:55 PM
41
cve
cve

CVE-2012-1558

yaSSL CyaSSL before 2.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted X.509...

6.8AI Score

0.009EPSS

2012-03-12 07:55 PM
24