openssl

280 tracked vulnerabilities.

CVE-2020-1971 MEDIUM
OpenSSL 1.0.2-1.0.2w and 1.1.1-1.1.1h - Denial of Service via EDIPARTYNAME NULL Pointer Dereference
Dec 08, 2020
CVSS 5.9
EPSS 0.00
CVE-2020-1968 LOW
OpenSSL 1.0.2-1.0.2v - Pre-Master Secret Disclosure via Raccoon Attack
Sep 09, 2020
CVSS 3.7
EPSS 0.01
CVE-2020-1967 HIGH
OpenSSL 1.1.1d-1.1.1f - Denial of Service via Invalid Signature Algorithm in TLS 1.3 Handshake
Apr 21, 2020
CVSS 7.5
EPSS 0.61
CVE-2019-1551 MEDIUM
x64_64 Montgomery squaring procedure - Buffer Overflow
Dec 06, 2019
CVSS 5.3
EPSS 0.03
CVE-2019-1563 LOW
OpenSSL 1.0.2-1.0.2s - Bleichenbacher Padding Oracle Attack via CMS/PKCS7 Decryption
Sep 10, 2019
CVSS 3.7
EPSS 0.01
CVE-2019-1549 MEDIUM
OpenSSL 1.1.1-1.1.1c - Use of Insufficiently Random Values
Sep 10, 2019
CVSS 5.3
EPSS 0.03
CVE-2019-1547 MEDIUM
OpenSSL 1.0.2-1.0.2s - Side Channel Attack via EC Group Explicit Parameters
Sep 10, 2019
CVSS 4.7
EPSS 0.00
CVE-2019-1552 LOW
OpenSSL 1.0.2-1.0.2s - Improper Certificate Validation via OPENSSLDIR Configuration
Jul 30, 2019
CVSS 3.3
EPSS 0.00
CVE-2019-1543 HIGH
OpenSSL 1.1.0-1.1.0j - Nonce Reuse in ChaCha20-Poly1305
Mar 06, 2019
CVSS 7.4
EPSS 0.03
CVE-2019-1559 MEDIUM
OpenSSL 1.0.2-1.0.2q - Padding Oracle via SSL_shutdown Double Call
Feb 27, 2019
CVSS 5.9
EPSS 0.05
CVE-2018-5407 MEDIUM
Ubuntu Linux - Exposure of Sensitive Information via SMT Port Contention Timing Attack
Nov 15, 2018
CVSS 4.7
EPSS 0.01
CVE-2018-0734 MEDIUM
OpenSSL 1.0.2-1.0.2p 1.1.0-1.1.0i 1.1.1 - Timing Side Channel Attack via DSA Signature Algorithm
Oct 30, 2018
CVSS 5.9
EPSS 0.05
CVE-2018-0735 MEDIUM
OpenSSL 1.1.0-1.1.0i and 1.1.1 - Timing Side Channel Attack in ECDSA Signature Algorithm
Oct 29, 2018
CVSS 5.9
EPSS 0.05
CVE-2018-0732 HIGH
OpenSSL 1.0.2-1.0.2o and 1.1.0-1.1.0h - Denial of Service via Large DH Prime in TLS Handshake
Jun 12, 2018
CVSS 7.5
EPSS 0.78
CVE-2018-0737 MEDIUM
OpenSSL 1.0.2b-1.0.2o and 1.1.0-1.1.0h - Private Key Recovery via Cache Timing Side Channel
Apr 16, 2018
CVSS 5.9
EPSS 0.38
CVE-2018-0739 MEDIUM
OpenSSL 1.0.2b-1.0.2n - Denial of Service via ASN.1 Recursive Type Parsing
Mar 27, 2018
CVSS 6.5
EPSS 0.14
CVE-2018-0733 MEDIUM
OpenSSL 1.1.0-1.1.0g - Authentication Bypass via PA-RISC CRYPTO_memcmp Bit Comparison
Mar 27, 2018
CVSS 5.9
EPSS 0.02
CVE-2017-3738 MEDIUM
AVX2 Montgomery multiplication - Buffer Overflow
Dec 07, 2017
CVSS 5.9
EPSS 0.16
CVE-2017-3737 MEDIUM
OpenSSL 1.0.2b-1.0.2m - Unencrypted Data Exposure via SSL_read/SSL_write After Fatal Error
Dec 07, 2017
CVSS 5.9
EPSS 0.43
CVE-2017-3736 MEDIUM
OpenSSL <1.0.2m, 1.1.0<1.1.0g - Memory Corruption
Nov 02, 2017
CVSS 6.5
EPSS 0.08
CVE-2017-3735 MEDIUM
OpenSSL <1.0.2m, 1.1.0g - Info Disclosure
Aug 28, 2017
CVSS 5.3
EPSS 0.39
CVE-2017-3733 HIGH
OpenSSL 1.1.0-1.1.0d - Denial of Service via Encrypt-Then-Mac Renegotiation
May 04, 2017
CVSS 7.5
EPSS 0.03
CVE-2017-3732 MEDIUM
OpenSSL <1.0.2k, 1.1.0<1.1.0d - Memory Corruption
May 04, 2017
CVSS 5.9
EPSS 0.05
CVE-2017-3731 HIGH
OpenSSL <1.1.0/1.0.2 - Use After Free
May 04, 2017
CVSS 7.5
EPSS 0.09
CVE-2017-3730 HIGH
OpenSSL 1.1.0 - Denial of Service via NULL Pointer Dereference in DHE/ECDHE Key Exchange
May 04, 2017
CVSS 7.5
EPSS 0.53
Products
openssl 267 OpenSSL 46 fips_object_module 1
Quick Filters
Critical CVEs With Exploits In CISA KEV