This page lists publicly disclosed CVE vulnerabilities affecting mcrypt mcrypt (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2012-4527 | Stack-based buffer overflow in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file name. NOTE: it is not clear whether this is a vulnerability. | [email protected] | 6.8 | 28.10% | 2012-11-21 | 2026-04-29 |
| CVE-2012-4426 | Multiple format string vulnerabilities in mcrypt 2.6.8 and earlier might allow user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving (1) errors.c or (2) mcrypt.c. | [email protected] | 6.8 | 14.86% | 2012-11-21 | 2026-04-29 |
| CVE-2012-4409 | Stack-based buffer overflow in the check_file_head function in extra.c in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to execute arbitrary code via an encrypted file with a crafted header containing long salt data that is not properly handled during decryption. | [email protected] | 6.8 | 58.74% | 2012-11-21 | 2026-04-29 |