3 matches found
CVE-2026-9267
Eclipse tinydtls before commit b3efd41ad111a4920f599f51ffa4f5e9f1e72221 contains an out-of-bounds read vulnerability in the checkservercertificate function that allows unauthenticated attackers to trigger reads beyond valid buffer boundaries by crafting a Certificate handshake message with a...
openssl: invalid pointer use in ASN1_TYPE_cmp()
An invalid pointer use flaw was found in OpenSSL's ASN1TYPEcmp function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker-supplied certificate was verified by the application...
CVE-2014-7543
The Blood aka com.sheridan.ash application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...