CVE-2026-7776

Boundary Community Edition and Boundary Enterprise “Boundary” workers are vulnerable to a denial-of-service condition during node enrollment TLS handshakes. An attacker with network access to the worker authentication listener may open a connection and delay or withhold the client certificate...

EUVD-2019-19055

Malware in sbrugna...

CVE-2022-39368

Eclipse Californium is a Java implementation of RFC7252 - Constrained Application Protocol for IoT Cloud services. In versions prior to 3.7.0, and 2.7.4, Californium is vulnerable to a Denial of Service. Failing handshakes don't cleanup counters for throttling, causing the threshold to be reached...

GHSA-P72G-CGH9-GHJG Failing DTLS handshakes may cause throttling to block processing of records

Impact Failing handshakes didn't cleanup counters for throttling. In consequence the threshold may get reached and will not be released again. The results in permanently dropping records. The issues was reported for certificate based handshakes, but it can't be excluded, that this happens also fo...

CVE-2020-27222

In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based x509 and RPK DTLS handshakes accidentally fails, because the DTLS server side sticks to a wrong internal state. That wrong internal state is set by a previous certificate based DTLS handshake failure with TLS parameter mismatch...

CVE-2019-10013

The asn1signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service memory and CPU consumption via a crafted certificate in the TLS certificate handshake message, because the result of getasn1length is n...

CVE-2019-10013

The asn1signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service memory and CPU consumption via a crafted certificate in the TLS certificate handshake message, because the result of getasn1length is n...

UBUNTU-CVE-2019-10013

The asn1signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service memory and CPU consumption via a crafted certificate in the TLS certificate handshake message, because the result of getasn1length is n...

UBUNTU-CVE-2019-9689

processcertificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates...

CVE-2019-10013

Removed by vendor...

CVE-2019-10013

The CVE-2019-10013 entry concerns the axTLS library (Cameron Hamilton-Rich) up to version 2.1.5. The asn1_signature function in asn1.c contains a Buffer Overflow vulnerability triggered by a crafted TLS certificate in the handshake, because get_asn1_length() is not checked for a sensible minimum/...