openssl
298 tracked vulnerabilities.
CVE-2024-0727
MEDIUM
OpenSSL 1.0.2-1.0.2zj, 1.1.1-1.1.1w, 3.0.0-3.0.12, 3.1.0-3.1.4, 3.2.0 - DoS via PKCS12 NULL Pointer Dereference
Jan 26, 2024
CVSS 5.5
EPSS 0.03
CVE-2023-6237
MEDIUM
OpenSSL 3.0.0-3.0.12, 3.1.0-3.1.4, 3.2.0 - Denial of Service via RSA Public Key Validation
Apr 25, 2024
CVSS 5.9
EPSS 0.02
CVE-2023-6129
MEDIUM
OpenSSL - PowerPC CPU - Memory Corruption
Jan 09, 2024
CVSS 6.5
EPSS 0.02
CVE-2023-5678
MEDIUM
OpenSSL 1.0.2-1.0.2zj, 1.1.1-1.1.1x, 3.0.0-3.0.13, 3.1.0-3.1.5 - DoS via Excessive X9.42 DH Key Length
Nov 06, 2023
CVSS 5.3
EPSS 0.04
CVE-2023-5363
HIGH
OpenSSL 3.0.0-3.0.11 and 3.1.0-3.1.3 - Loss of Confidentiality via IV Truncation in Symmetric Cipher Initialization
Oct 25, 2023
CVSS 7.5
EPSS 0.03
CVE-2023-4807
HIGH
OpenSSL 1.1.1-1.1.1w - Denial of Service via POLY1305 MAC State Corruption on Windows 64
Sep 08, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-3817
MEDIUM
OpenSSL 3.0.0-3.0.9 - Denial of Service via DH Parameter Check
Jul 31, 2023
CVSS 5.3
EPSS 0.03
CVE-2023-3446
MEDIUM
OpenSSL - Denial of Service via DH Parameter Check
Jul 19, 2023
CVSS 5.3
EPSS 0.06
CVE-2023-2975
MEDIUM
OpenSSL 3.0.0-3.0.8 - Improper Authentication in AES-SIV Cipher
Jul 14, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-2650
MEDIUM
OpenSSL - Denial of Service via ASN.1 Object Identifier Processing
May 30, 2023
CVSS 6.5
EPSS 0.75
CVE-2023-1255
MEDIUM
OpenSSL 3.0.0-3.0.8 - Denial of Service via AES-XTS Cipher Decryption Buffer Overread
Apr 20, 2023
CVSS 5.9
EPSS 0.01
CVE-2023-0466
MEDIUM
OpenSSL 1.0.2-1.0.2zh - Improper Certificate Validation via X509_VERIFY_PARAM_add0_policy
Mar 28, 2023
CVSS 5.3
EPSS 0.02
CVE-2023-0465
MEDIUM
OpenSSL 1.0.2-1.0.2zh - Improper Certificate Validation via Policy Processing
Mar 28, 2023
CVSS 5.3
EPSS 0.02
CVE-2023-0464
HIGH
OpenSSL 1.0.2-1.0.2zh - Denial of Service via Malicious X.509 Certificate Chain with Policy Constraints
Mar 22, 2023
CVSS 7.5
EPSS 0.04
CVE-2023-0401
HIGH
OpenSSL 3.0.0-3.0.6 - NULL Pointer Dereference in PKCS7 Signature Verification
Feb 08, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-0286
HIGH
OpenSSL 1.0.2-1.0.2zg - Type Confusion in X.400 Address Processing
Feb 08, 2023
CVSS 7.4
EPSS 0.60
CVE-2023-0217
HIGH
OpenSSL 3.0.0-3.0.6 - Denial of Service via Malformed DSA Public Key Check
Feb 08, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-0216
HIGH
OpenSSL 3.0.0-3.0.6 - Denial of Service via Malformed PKCS7 Data
Feb 08, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-0215
HIGH
OpenSSL 1.0.2-1.0.2zg - Use-After-Free in BIO_new_NDEF
Feb 08, 2023
CVSS 7.5
EPSS 0.04
CVE-2022-4203
MEDIUM
OpenSSL 3.0.0-3.0.7 - Out-of-bounds Read in X.509 Name Constraint Checking
Feb 24, 2023
CVSS 4.9
EPSS 0.01
CVE-2022-4450
HIGH
OpenSSL 1.1.1-1.1.1s - Double Free in PEM_read_bio_ex
Feb 08, 2023
CVSS 7.5
EPSS 0.20
CVE-2022-4304
MEDIUM
OpenSSL - Timing Side-Channel Attack in RSA Decryption
Feb 08, 2023
CVSS 5.9
EPSS 0.16
CVE-2022-3996
HIGH
OpenSSL 3.0.0-3.0.6 - Denial of Service via Malformed X.509 Policy Constraint
Dec 13, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-3786
HIGH
OpenSSL 3.0.0-3.0.7 - Buffer Overflow in X.509 Certificate Name Constraint Checking
Nov 01, 2022
CVSS 7.5
EPSS 0.92
CVE-2022-3602
HIGH
OpenSSL 3.0.0-3.0.6 - Buffer Overflow in X.509 Certificate Name Constraint Checking
Nov 01, 2022
CVSS 7.5
EPSS 0.91
Products
Quick Filters