openssl

280 tracked vulnerabilities.

CVE-2010-0740
OpenSSL 0.9.8f-0.9.8m - Denial of Service via Malformed TLS Record
Mar 26, 2010
EPSS 0.15
CVE-2010-0928
OpenSSL 0.9.8i - Private Key Exposure via Fault-Based Attack on FWE Algorithm
Mar 05, 2010
EPSS 0.00
CVE-2010-0433
OpenSSL < 0.9.8n - Denial of Service via NULL Pointer Dereference in kssl_keytab_is_available
Mar 05, 2010
EPSS 0.17
CVE-2009-3245
OpenSSL < 0.9.8m - Denial of Service via NULL Return Value in bn_wexpand
Mar 05, 2010
EPSS 0.20
CVE-2009-4355
OpenSSL < 0.9.8l - Memory Leak in zlib_stateful_finish
Jan 14, 2010
EPSS 0.20
CVE-2009-3555
Apache HTTP Server < 2.2.14 - Plaintext Injection via TLS Renegotiation
Nov 09, 2009
EPSS 0.02
CVE-2009-2409
GnuTLS < 2.6.4 - Improper Certificate Validation via MD2 Hash Collision
Jul 30, 2009
EPSS 0.02
CVE-2009-1387
OpenSSL < 0.9.8m - Denial of Service via DTLS Handshake Fragment Bug
Jun 04, 2009
EPSS 0.13
CVE-2009-1386
OpenSSL < 0.9.8i - Denial of Service via DTLS ChangeCipherSpec Packet
Jun 04, 2009
EPSS 0.48
CVE-2009-1379
OpenSSL 1.0.0 Beta 2 - Use-After-Free in DTLS Fragment Retrieval
May 19, 2009
EPSS 0.09
CVE-2009-1378
OpenSSL 0.9.8-0.9.8k - Denial of Service via DTLS Fragment Handling Memory Leak
May 19, 2009
EPSS 0.13
CVE-2009-1377
OpenSSL 0.9.8-0.9.8m - Denial of Service via DTLS Record Buffer Overflow
May 19, 2009
EPSS 0.03
CVE-2009-0789
OpenSSL < 0.9.8k - Denial of Service via Malformed ASN.1 Structure in Certificate Public Key
Mar 27, 2009
EPSS 0.03
CVE-2009-0591
OpenSSL 0.9.8h-0.9.8j - Signature Repudiation via Malformed CMS Signed Attributes
Mar 27, 2009
EPSS 0.02
CVE-2009-0590
OpenSSL < 0.9.8k - Denial of Service via ASN1_STRING_print_ex Invalid Memory Access
Mar 27, 2009
EPSS 0.10
CVE-2009-0653
OpenSSL - Improper Certificate Validation via Missing Basic Constraints Check
Feb 20, 2009
EPSS 0.00
CVE-2008-7270
OpenSSL < 0.9.8j - Remote Cipher Downgrade via Session Cache Manipulation
Dec 06, 2010
EPSS 0.01
CVE-2008-5077
OpenSSL < 0.9.8h - Certificate Chain Validation Bypass via Malformed SSL/TLS Signature
Jan 07, 2009
EPSS 0.00
CVE-2008-1678
OpenSSL 0.9.8f-0.9.8h - Memory Leak in zlib_stateful_init
Jul 10, 2008
EPSS 0.10
CVE-2008-0891
OpenSSL 0.9.8f and 0.9.8g - Denial of Service via Malformed Client Hello Packet
May 29, 2008
EPSS 0.11
CVE-2008-1672
OpenSSL 0.9.8f and 0.9.8g - Denial of Service via NULL Pointer Dereference
May 29, 2008
EPSS 0.19
CVE-2008-0166 HIGH
OpenSSL <0.9.8g-9 - Info Disclosure
May 13, 2008
CVSS 7.5
EPSS 0.04
CVE-2007-5502
OpenSSL FIPS Object Module 1.1.1 - Predictable Random Data Generation
Dec 01, 2007
EPSS 0.00
CVE-2007-4995
OpenSSL 0.9.8 - Remote Code Execution via DTLS Off-by-One Error
Oct 13, 2007
EPSS 0.11
CVE-2007-5135
OpenSSL 0.9.7-0.9.7l and 0.9.8-0.9.8f - Remote Code Execution via SSL_get_shared_ciphers Buffer Underflow
Sep 27, 2007
EPSS 0.53
Products
openssl 267 OpenSSL 46 fips_object_module 1
Quick Filters
Critical CVEs With Exploits In CISA KEV