3 matches found
CVE-2025-15469
Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...
PT-2024-33341
Name of the Vulnerable Software and Affected Versions Mbed TLS versions 3.5.x through 3.6.x before 3.6.2 Description The issue is related to a buffer underrun in the pkwrite function when writing an opaque key pair. Recommendations For Mbed TLS versions 3.5.x through 3.6.x before 3.6.2, update to...
Mozilla Freed object reuse across plugin instances
Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances...