openssl

280 tracked vulnerabilities.

CVE-2007-3108
OpenSSL < 0.9.8e - RSA Private Key Exposure via Montgomery Multiplication Side-Channel
Aug 08, 2007
EPSS 0.00
CVE-2006-7250
OpenSSL < 0.9.8t - Denial of Service via Crafted S/MIME Message
Feb 29, 2012
EPSS 0.02
CVE-2006-2937
OpenSSL 0.9.7-0.9.7k and 0.9.8-0.9.8c - Denial of Service via Malformed ASN.1 Structures
Sep 28, 2006
EPSS 0.05
CVE-2006-2940
OpenSSL 0.9.7-0.9.7k and 0.9.8-0.9.8c - Denial of Service via Large RSA Public Key Parameters
Sep 28, 2006
EPSS 0.03
CVE-2006-3738
OpenSSL 0.9.7-0.9.7k and 0.9.8-0.9.8c - Buffer Overflow via Long Cipher List
Sep 28, 2006
EPSS 0.54
CVE-2006-4343
OpenSSL 0.9.7-0.9.7k and 0.9.8-0.9.8c - Denial of Service via Null Pointer Dereference in SSLv2 Client
Sep 28, 2006
EPSS 0.07
CVE-2006-4339
OpenSSL < 0.9.7 - PKCS #1 v1.5 Signature Forgery via RSA Key with Exponent 3
Sep 05, 2006
EPSS 0.04
CVE-2005-2969
OpenSSL <0.9.7h-0.9.8a - Protocol Version Rollback
Oct 18, 2005
EPSS 0.09
CVE-2005-2946 HIGH
OpenSSL < 0.9.8 - Use of a Broken or Risky Cryptographic Algorithm
Sep 16, 2005
CVSS 7.5
EPSS 0.00
CVE-2005-1797
OpenSSL - Timing Attack on AES S-box Lookups
May 26, 2005
EPSS 0.00
CVE-2004-0975
Trustix Secure Linux <2.1 - Local File Overwrite
Feb 09, 2005
EPSS 0.00
CVE-2004-0079 HIGH
Cisco Firewall Services Module - NULL Pointer Dereference
Nov 23, 2004
CVSS 7.5
EPSS 0.02
CVE-2004-0081
Cisco Firewall Services Module - Denial of Service
Nov 23, 2004
EPSS 0.02
CVE-2004-0112
Avaya Vsu - Out-of-Bounds Read
Nov 23, 2004
EPSS 0.01
CVE-2003-0851
OpenSSL 0.9.6k - DoS
Dec 01, 2003
EPSS 0.04
CVE-2003-0543
OpenSSL 0.9.6 and 0.9.7 - Denial of Service via ASN.1 Tag Integer Overflow
Nov 17, 2003
EPSS 0.43
CVE-2003-0544
OpenSSL 0.9.6 and 0.9.7 - Denial of Service via ASN.1 Input Buffer Overflow
Nov 17, 2003
EPSS 0.26
CVE-2003-0545 CRITICAL
OpenSSL 0.9.7 - Double Free via Invalid ASN.1 Encoding in SSL Client Certificate
Nov 17, 2003
CVSS 9.8
EPSS 0.75
CVE-2003-0147
OpenSSL - Info Disclosure
Mar 31, 2003
EPSS 0.29
CVE-2003-0131
OpenSSL 0.9.6i and earlier, 0.9.7, 0.9.7a - Unauthorized RSA Private Key Operation via Klima-Pokorny-Rosa Attack
Mar 24, 2003
EPSS 0.18
CVE-2003-0078
OpenSSL < 0.9.7a and 0.9.6 < 0.9.6i - Timing Side-Channel Attack via Incorrect Block Cipher Padding
Mar 03, 2003
EPSS 0.13
CVE-2002-1568
OpenSSL 0.9.6e - Denial of Service via SSLv2 CLIENT_MASTER_KEY Assertion Failure
Nov 17, 2003
EPSS 0.01
CVE-2002-0655
OpenSSL 0.9.6d and earlier, 0.9.7-beta2 and earlier - Denial of Service and Possible Remote Code Execution
Aug 12, 2002
EPSS 0.01
CVE-2002-0656
OpenSSL 0.9.6d and earlier, 0.9.7-beta2 and earlier - Remote Code Execution via Large Client Master Key or Session ID
Aug 12, 2002
EPSS 0.88
CVE-2002-0657
OpenSSL 0.9.7 - Buffer Overflow via Long Master Key with Kerberos Enabled
Aug 12, 2002
EPSS 0.04
Products
openssl 267 OpenSSL 46 fips_object_module 1
Quick Filters
Critical CVEs With Exploits In CISA KEV