Filippo Valsorda

7 exploits, active since May 2016
CVE-2016-2107 NOMISEC MEDIUM WORKING POC
Redhat Enterprise Linux Desktop < 1.0.1s - Information Disclosure
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.
2 stars
CVSS 5.9
CVE-2026-26958 WRITEUP WRITEUP
filippo.io/edwards25519 <=1.1.0 - Memory Corruption
filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and earlier, MultiScalarMult produces invalid results or undefined behavior if the receiver is not the identity point. If (*Point).MultiScalarMult is called on an initialized point that is not the identity point, it returns an incorrect result. If the method is called on an uninitialized point, the behavior is undefined. In particular, if the receiver is the zero value, MultiScalarMult returns an invalid point that compares Equal to every other point. Note that MultiScalarMult is a rarely used, advanced API. For example, users who depend on filippo.io/edwards25519 only through github.com/go-sql-driver/mysql are not affected. This issue has been fixed in version 1.1.1.
CVE-2019-6486 WRITEUP HIGH WRITEUP
Go < 1.10.8 - Resource Allocation Without Limits
Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service (CPU consumption) or possibly conduct ECDH private key recovery attacks.
CVSS 8.2
CVE-2021-3114 WRITEUP MEDIUM WRITEUP
Go <1.14.14, <1.15.7 - Info Disclosure
In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.
CVSS 6.5
CVE-2023-24533 WRITEUP HIGH WRITEUP
Multiplication - Info Disclosure
Multiplication of certain unreduced P-256 scalars produces incorrect results. There are no protocols known at this time that can be attacked due to this.
CVSS 7.5
EIP-2026-102670 EXPLOITDB text WORKING POC
MatrixSSL < 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates
EIP-2026-102671 EXPLOITDB text WORKING POC
MatrixSSL < 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates