Lucene search
K

5 matches found

CVE
CVE
added 2026/03/19 5:45 p.m.15 views

CVE-2026-3548

Two concrete vulnerabilities affect the wolfSSL CRL parser: heap-based and stack-based buffer overflows when parsing CRL numbers, triggered by crafted CRLs and only in builds with CRL support enabled. The issue stems from storing the CRL number as a hexadecimal string, enabling out-of-bounds writ...

9.8CVSS6.2AI score0.00471EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/19 5:45 p.m.2 views

CVE-2026-3548 Buffer overflow in CRL number parsing in wolfSSL

Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string, and a stack-based overflow for sufficiently sized CRL numbers. With appropriately crafted CRLs,...

9.2CVSS6.2AI score0.00471EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2017/04/07 12:0 a.m.19 views

openSUSE: Security Advisory for mbedtls (openSUSE-SU-2017:0790-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS8.1AI score0.0339EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2017/03/23 12:0 a.m.29 views

openSUSE Security Update : mbedtls (openSUSE-2017-372)

This update to mbedtls 1.3.19 fixes security issues and bugs. The following vulnerability was fixed : CVE-2017-2784: A remote user could have used a specially crafted certificate to cause mbedtls to free a buffer allocated on the stack when verifying the validity of public key with a secp224k1...

8.1CVSS8.5AI score0.0339EPSS
Exploits2References2
OPENSUSE Linux
OPENSUSE Linux
added 2017/03/22 3:10 p.m.40 views

Security update for mbedtls (important)

This update to mbedtls 1.3.19 fixes security issues and bugs. The following vulnerability was fixed: CVE-2017-2784: A remote user could have used a specially crafted certificate to cause mbedtls to free a buffer allocated on the stack when verifying the validity of public key with a secp224k1...

4.4AI score0.0339EPSS
Exploits2References1
Rows per page
Query Builder