113 matches found
📄 OpenSSL 3.x ASN.1 AES‑GCM Nonce Stack Corruption
This Metasploit auxiliary module generates a specially crafted CMS file encoded in DER format to test a stack-based buffer overflow vulnerability in OpenSSL's ASN.1 parser related to improper handling of oversized AES-GCM nonce IV values within AES-GCM-Parameters as defined in RFC 5084. The...
EUVD-2019-16298
Malware in sbrugna...
EUVD-2017-1555
Malware in sbrugna...
EUVD-2019-0682
Malware in sbrugna...
EUVD-2017-17963
Malware in sbrugna...
EUVD-2017-9441
Malware in sbrugna...
EUVD-2009-2181
Malware in sbrugna...
EUVD-2005-1732
Malware in sbrugna...
CVE-2019-17359
The ASN.1 parser in Bouncy Castle Crypto aka BC Java 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64...
CVE-2017-1000416
axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting in the year 1950 of UTCTime being misinterpreted as 2050...
Linux Distros Unpatched Vulnerability : CVE-2017-9023
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of...
AlmaLinux 8 : mysql:8.0 (ALSA-2025:1673)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:1673 advisory. openssl: SSLselectnextproto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date parser overread...
Azure Linux 3.0 Security Update: mysql (CVE-2024-7264)
The version of mysql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-7264 advisory. - libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If...
CVE-2024-7264 ASN.1 date parser overread
libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the time fraction, leading to a strlen getting performed on a pointer to a heap buffer area that i...
CURL-CVE-2024-7264 ASN.1 date parser overread
libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the time fraction, leading to a strlen getting performed on a pointer to a heap buffer area that i...
CVE-2024-6197 freeing stack buffer in utf8asn1str
libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also invokes free on a 4 byte localstack buffer. Most modern malloc implementations detect this error and immediately abort...
CVE-2024-6197
libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also invokes free on a 4 byte localstack buffer. Most modern malloc implementations detect this error and immediately abort...
Mozilla Firefox Security Advisory (MFSA2022-24) - Mac OS X
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
CVE-2021-1782, an iOS in-the-wild vulnerability in vouchers
Posted by Ian Beer, Google Project Zero This blog post is my analysis of a vulnerability exploited in the wild and patched in early 2021. Like the writeup published last week looking at an ASN.1 parser bug, this blog post is based on the notes I took as I was analyzing the patch and trying to...
OPENSUSE-SU-2021:3301-1 Security update for libcryptopp
This update for libcryptopp fixes the following issues: - CVE-2016-9939: Fixed potential DoS in Crypto++ libcryptopp ASN.1 parser bsc1015243...