Lucene search
K

14 matches found

NVD
NVD
added 2026/06/29 9:16 a.m.9 views

CVE-2026-9267

Eclipse tinydtls before commit b3efd41ad111a4920f599f51ffa4f5e9f1e72221 contains an out-of-bounds read vulnerability in the checkservercertificate function that allows unauthenticated attackers to trigger reads beyond valid buffer boundaries by crafting a Certificate handshake message with a...

6.9CVSS0.00173EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/29 8:10 a.m.7 views

CVE-2026-9267

Eclipse tinydtls before commit b3efd41ad111a4920f599f51ffa4f5e9f1e72221 contains an out-of-bounds read vulnerability in the checkservercertificate function that allows unauthenticated attackers to trigger reads beyond valid buffer boundaries by crafting a Certificate handshake message with a...

6.9CVSS6AI score0.00173EPSS
Exploits0References2
CVE
CVE
added 2026/06/29 8:10 a.m.13 views

CVE-2026-9267

CVE-2026-9267 affects Eclipse tinydtls prior to commit b3efd41ad111a4920f599f51ffa4f5e9f1e72221. The issue is an out-of-bounds read in the check_server_certificate() function during DTLS epoch 0 where a Certificate handshake message with a crafted fragment_length can trigger reads beyond buffer b...

6.9CVSS6AI score0.00173EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/04 9:34 p.m.5 views

CVE-2026-7776

Boundary Community Edition and Boundary Enterprise “Boundary” workers are vulnerable to a denial-of-service condition during node enrollment TLS handshakes. An attacker with network access to the worker authentication listener may open a connection and delay or withhold the client certificate...

7.5CVSS5.8AI score0.002EPSS
Exploits0References2Affected Software2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-19055

Malware in sbrugna...

7.5CVSS7.5AI score0.01479EPSS
Exploits0References6
NVD
NVD
added 2022/11/10 12:15 a.m.51 views

CVE-2022-39368

Eclipse Californium is a Java implementation of RFC7252 - Constrained Application Protocol for IoT Cloud services. In versions prior to 3.7.0, and 2.7.4, Californium is vulnerable to a Denial of Service. Failing handshakes don't cleanup counters for throttling, causing the threshold to be reached...

8.2CVSS0.00553EPSS
Exploits0References3
OSV
OSV
added 2022/11/09 5:20 p.m.2 views

GHSA-P72G-CGH9-GHJG Failing DTLS handshakes may cause throttling to block processing of records

Impact Failing handshakes didn't cleanup counters for throttling. In consequence the threshold may get reached and will not be released again. The results in permanently dropping records. The issues was reported for certificate based handshakes, but it can't be excluded, that this happens also fo...

8.2CVSS5.8AI score0.00553EPSS
Exploits0References7
OSV
OSV
added 2021/02/03 4:15 p.m.20 views

CVE-2020-27222

In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based x509 and RPK DTLS handshakes accidentally fails, because the DTLS server side sticks to a wrong internal state. That wrong internal state is set by a previous certificate based DTLS handshake failure with TLS parameter mismatch...

7.5CVSS6.7AI score
Exploits0References1
OSV
OSV
added 2019/12/03 8:15 p.m.3 views

CVE-2019-10013

The asn1signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service memory and CPU consumption via a crafted certificate in the TLS certificate handshake message, because the result of getasn1length is n...

7.5CVSS7.1AI score0.0191EPSS
Exploits0References5
NVD
NVD
added 2019/12/03 8:15 p.m.9 views

CVE-2019-10013

The asn1signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service memory and CPU consumption via a crafted certificate in the TLS certificate handshake message, because the result of getasn1length is n...

7.8CVSS7.4AI score0.0191EPSS
Exploits0References5
OSV
OSV
added 2019/12/03 8:15 p.m.2 views

UBUNTU-CVE-2019-9689

processcertificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates...

7.5CVSS7.1AI score0.01479EPSS
Exploits0References7
OSV
OSV
added 2019/12/03 8:15 p.m.3 views

UBUNTU-CVE-2019-10013

The asn1signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service memory and CPU consumption via a crafted certificate in the TLS certificate handshake message, because the result of getasn1length is n...

7.5CVSS5.8AI score0.0191EPSS
Exploits0References2
CVE
CVE
added 2019/12/03 8:0 p.m.63 views

CVE-2019-10013

The CVE-2019-10013 entry concerns the axTLS library (Cameron Hamilton-Rich) up to version 2.1.5. The asn1_signature function in asn1.c contains a Buffer Overflow vulnerability triggered by a crafted TLS certificate in the handshake, because get_asn1_length() is not checked for a sensible minimum/...

7.8CVSS7.4AI score0.0191EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2019/12/03 8:0 p.m.18 views

CVE-2019-10013

Removed by vendor...

7.8CVSS7.6AI score0.0191EPSS
Exploits0
Rows per page
Query Builder