openssl
298 tracked vulnerabilities.
CVE-2019-1552
LOW
OpenSSL 1.0.2-1.0.2s - Improper Certificate Validation via OPENSSLDIR Configuration
Jul 30, 2019
CVSS 3.3
EPSS 0.01
CVE-2019-1543
HIGH
OpenSSL 1.1.0-1.1.0j - Nonce Reuse in ChaCha20-Poly1305
Mar 06, 2019
CVSS 7.4
EPSS 0.06
CVE-2019-1559
MEDIUM
OpenSSL 1.0.2-1.0.2q - Padding Oracle via SSL_shutdown Double Call
Feb 27, 2019
CVSS 5.9
EPSS 0.17
CVE-2018-5407
MEDIUM
Ubuntu Linux - Exposure of Sensitive Information via SMT Port Contention Timing Attack
Nov 15, 2018
CVSS 4.7
EPSS 0.03
CVE-2018-0734
MEDIUM
OpenSSL 1.0.2-1.0.2p 1.1.0-1.1.0i 1.1.1 - Timing Side Channel Attack via DSA Signature Algorithm
Oct 30, 2018
CVSS 5.9
EPSS 0.12
CVE-2018-0735
MEDIUM
OpenSSL 1.1.0-1.1.0i and 1.1.1 - Timing Side Channel Attack in ECDSA Signature Algorithm
Oct 29, 2018
CVSS 5.9
EPSS 0.05
CVE-2018-0732
HIGH
OpenSSL 1.0.2-1.0.2o and 1.1.0-1.1.0h - Denial of Service via Large DH Prime in TLS Handshake
Jun 12, 2018
CVSS 7.5
EPSS 0.49
CVE-2018-0737
MEDIUM
OpenSSL 1.0.2b-1.0.2o and 1.1.0-1.1.0h - Private Key Recovery via Cache Timing Side Channel
Apr 16, 2018
CVSS 5.9
EPSS 0.12
CVE-2018-0739
MEDIUM
OpenSSL 1.0.2b-1.0.2n - Denial of Service via ASN.1 Recursive Type Parsing
Mar 27, 2018
CVSS 6.5
EPSS 0.19
CVE-2018-0733
MEDIUM
OpenSSL 1.1.0-1.1.0g - Authentication Bypass via PA-RISC CRYPTO_memcmp Bit Comparison
Mar 27, 2018
CVSS 5.9
EPSS 0.09
CVE-2017-3738
MEDIUM
AVX2 Montgomery multiplication - Buffer Overflow
Dec 07, 2017
CVSS 5.9
EPSS 0.13
CVE-2017-3737
MEDIUM
OpenSSL 1.0.2b-1.0.2m - Unencrypted Data Exposure via SSL_read/SSL_write After Fatal Error
Dec 07, 2017
CVSS 5.9
EPSS 0.79
CVE-2017-3736
MEDIUM
OpenSSL <1.0.2m, 1.1.0<1.1.0g - Memory Corruption
Nov 02, 2017
CVSS 6.5
EPSS 0.10
CVE-2017-3735
MEDIUM
OpenSSL <1.0.2m, 1.1.0g - Info Disclosure
Aug 28, 2017
CVSS 5.3
EPSS 0.18
CVE-2017-3733
HIGH
OpenSSL 1.1.0-1.1.0d - Denial of Service via Encrypt-Then-Mac Renegotiation
May 04, 2017
CVSS 7.5
EPSS 0.13
CVE-2017-3732
MEDIUM
OpenSSL <1.0.2k, 1.1.0<1.1.0d - Memory Corruption
May 04, 2017
CVSS 5.9
EPSS 0.16
CVE-2017-3731
HIGH
OpenSSL <1.1.0/1.0.2 - Use After Free
May 04, 2017
CVSS 7.5
EPSS 0.58
CVE-2017-3730
HIGH
OpenSSL 1.1.0 - Denial of Service via NULL Pointer Dereference in DHE/ECDHE Key Exchange
May 04, 2017
CVSS 7.5
EPSS 0.55
CVE-2016-7056
MEDIUM
OpenSSL < 1.0.1u - Timing Attack ECDSA P-256 Private Key Recovery
Sep 10, 2018
CVSS 5.5
EPSS 0.01
CVE-2016-8610
HIGH
OpenSSL 0.9.8 1.0.1 1.0.2-1.0.2h 1.1.0 - Denial of Service via ALERT Packet Processing
Nov 13, 2017
CVSS 7.5
EPSS 0.40
CVE-2016-7055
MEDIUM
OpenSSL 1.0.2-1.1.0c - Carry Propagating Bug in Montgomery Multiplication
May 04, 2017
CVSS 5.9
EPSS 0.14
CVE-2016-7054
HIGH
OpenSSL 1.1.0-1.1.0b - Denial of Service via CHACHA20-POLY1305 Cipher Payload Corruption
May 04, 2017
CVSS 7.5
EPSS 0.32
CVE-2016-7053
HIGH
OpenSSL 1.1.0-1.1.0b - NULL Pointer Dereference in ASN.1 CHOICE Type Handling
May 04, 2017
CVSS 7.5
EPSS 0.22
CVE-2016-7052
HIGH
Novell Suse Linux Enterprise Module F... - NULL Pointer Dereference
Sep 26, 2016
CVSS 7.5
EPSS 0.30
CVE-2016-6309
CRITICAL
OpenSSL 1.1.0a - Use-After-Free in statem/statem.c
Sep 26, 2016
CVSS 9.8
EPSS 0.70
Products
Quick Filters