Search Results | AttackerKB

wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (8 bytes) in MqttDecode_Publish (called from MqttClient_DecodePacket and MqttClient_HandlePacket).

Attack Vector: Local Privileges: None User Interaction: Required

Attacker Value

Unknown

CVE-2021-45932

Disclosure Date: January 01, 2022 (last updated February 23, 2025)

wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (4 bytes) in MqttDecode_Publish (called from MqttClient_DecodePacket and MqttClient_HandlePacket).

Attack Vector: Local Privileges: None User Interaction: Required

Attacker Value

Unknown

CVE-2021-38597

Disclosure Date: August 12, 2021 (last updated February 23, 2025)

wolfSSL before 4.8.1 incorrectly skips OCSP verification in certain situations of irrelevant response data that contains the NoCheck extension.

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2021-37155

Disclosure Date: July 21, 2021 (last updated November 28, 2024)

wolfSSL 4.6.x through 4.7.x before 4.8.0 does not produce a failure outcome when the serial number in an OCSP request differs from the serial number in the OCSP response.

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2021-33501

Disclosure Date: July 19, 2021 (last updated February 23, 2025)

Overwolf Client 0.169.0.22 allows XSS, with resultant Remote Code Execution, via an overwolfstore:// URL.

Attack Vector: Network Privileges: None User Interaction: Required

112 Total Results

Displaying 41-50 of 112

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Quick Cookie Notification