CVE-2018-12439

MatrixSSL through 3.9.5 Open allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host...

EUVD-2016-7776

Malware in sbrugna...

EUVD-2016-9510

Malware in sbrugna...

EUVD-2019-5630

Malware in sbrugna...

EUVD-2018-4410

Malware in sbrugna...

EUVD-2016-7772

Malware in sbrugna...

EUVD-2016-7769

Malware in sbrugna...

EUVD-2016-7777

Malware in sbrugna...

EUVD-2016-7767

Malware in sbrugna...

EUVD-2022-46942

Malicious code in bioql PyPI...

CVE-2019-13470

MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling...

CVE-2019-13629

MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. This allows a local or a remote attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because crypto/pubkey/eccmath.c scalar...

CVE-2022-43974

MatrixSSL 4.0.4 through 4.5.1 has an integer overflow in matrixSslDecodeTls13. A remote attacker might be able to send a crafted TLS Message to cause a buffer overflow and achieve remote code execution. This is fixed in 4.6.0...

CVE-2022-46505

An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data...

Out-of-bounds

MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling...

Information disclosure

MatrixSSL before 3.8.3 configured with RSA Cipher Suites allows remote attackers to obtain sensitive information via a Bleichenbacher variant attack...