📦 Mbed TLS
by Arm
⚠️ Known Vulnerabilities
Mbed TLS versions 3.5.x through 3.6.x before 3.6.2 contain a buffer underrun vulnerability in the pkwrite function when writing opaque key pairs. This allows attackers to potentially execute arbitrary...
A stack buffer overflow vulnerability in Mbed TLS 3.6 allows attackers to execute arbitrary code or cause denial of service when applications directly call the affected ECDSA conversion functions with...
A malicious client can exploit a stack buffer over-read vulnerability in Mbed TLS 3.3.0 through 3.5.2 to cause information disclosure or denial of service against TLS 1.3 servers. This affects any sys...
This CVE describes a buffer overflow vulnerability in Mbed TLS that allows remote attackers to execute arbitrary code on affected systems. It affects Mbed TLS versions 3.2.x through 3.4.x before 3.5. ...
This vulnerability in Mbed TLS allows unauthenticated attackers to send specially crafted DTLS ClientHello messages to servers with specific configurations, causing heap buffer over-reads of up to 255...
Mbed TLS versions before 3.6.4 contain a use-after-free vulnerability in the mbedtls_x509_string_to_names() function. The function unexpectedly frees memory that application code continues to referenc...
Mbed TLS versions before 3.6.4 have a race condition in AESNI detection that can occur with certain compiler optimizations. This vulnerability allows attackers to extract AES keys from multithreaded p...
This vulnerability in Mbed TLS and Mbed Crypto allows attackers to potentially access sensitive cryptographic data or cause denial of service through improper handling of shared memory in the PSA Cryp...
An integer overflow vulnerability in Mbed TLS's mbedtls_x509_set_extension() function allows attackers to cause denial of service (DoS) by triggering memory corruption. This affects systems using Mbed...
A vulnerability in Mbed TLS 3.5.1 causes persistent handshake denial when a client sends a TLS 1.3 ClientHello message without extensions. This allows attackers to cause denial of service by preventin...
This CVE describes a buffer overflow vulnerability in Mbed TLS versions 2.x before 2.28.5 and 3.x before 3.5.0. Attackers could exploit this to execute arbitrary code or cause denial of service. Any s...
This vulnerability in mbed TLS allows attackers to cause a Denial of Service by providing an empty password to the mbedtls_pkcs12_derivation function. It affects systems using mbed TLS 3.0.0 and earli...
This vulnerability in Mbed TLS allows policy bypass or oracle-based decryption attacks when untrusted applications can access output buffer memory locations. It affects systems using Mbed TLS for cryp...
This vulnerability in Mbed TLS allows attackers to bypass certificate validation by exploiting a parsing flaw where NULL algorithm parameters are incorrectly treated as valid. This affects systems usi...
This vulnerability in Mbed TLS allows sensitive application data to remain in memory after SSL/TLS sessions, potentially exposing it to attackers who can read process memory. It affects all systems us...
This vulnerability in Arm Mbed TLS allows a remote attacker to recover plaintext from encrypted communications due to an incomplete Lucky 13 countermeasure when hardware acceleration is used. It affec...
This vulnerability in Arm Mbed TLS allows attackers to read one byte beyond the allocated buffer when parsing Certificate Revocation Lists (CRLs) in DER format. This could potentially leak sensitive m...
Mbed TLS versions through 3.6.4 contain a timing side-channel vulnerability in RSA decryption with PKCS#1 v1.5 padding. This allows attackers to potentially extract private keys by measuring decryptio...
CVE-2025-54764 is a timing side-channel vulnerability in Mbed TLS that allows local attackers to potentially extract RSA private keys by measuring execution time differences in certain mathematical op...
This vulnerability in Mbed TLS allows an attacker to cause a denial of service (DoS) by triggering a NULL pointer dereference when parsing malformed ASN.1 data. It affects systems using Mbed TLS for c...
This vulnerability in Mbed TLS allows attackers to forge LMS signatures when using hardware-accelerated hashing. An attacker who can induce faults in hash accelerator hardware can bypass signature veri...
This vulnerability in Mbed TLS occurs when memory allocation fails or hardware errors happen, causing the library to use uninitialized stack memory when composing TLS Finished messages. This could all...