openssl

280 tracked vulnerabilities.

CVE-2016-7056 MEDIUM
OpenSSL < 1.0.1u - Timing Attack ECDSA P-256 Private Key Recovery
Sep 10, 2018
CVSS 5.5
EPSS 0.00
CVE-2016-8610 HIGH
OpenSSL 0.9.8 1.0.1 1.0.2-1.0.2h 1.1.0 - Denial of Service via ALERT Packet Processing
Nov 13, 2017
CVSS 7.5
EPSS 0.71
CVE-2016-7055 MEDIUM
OpenSSL 1.0.2-1.1.0c - Carry Propagating Bug in Montgomery Multiplication
May 04, 2017
CVSS 5.9
EPSS 0.03
CVE-2016-7054 HIGH
OpenSSL 1.1.0-1.1.0b - Denial of Service via CHACHA20-POLY1305 Cipher Payload Corruption
May 04, 2017
CVSS 7.5
EPSS 0.25
CVE-2016-7053 HIGH
OpenSSL 1.1.0-1.1.0b - NULL Pointer Dereference in ASN.1 CHOICE Type Handling
May 04, 2017
CVSS 7.5
EPSS 0.01
CVE-2016-7052 HIGH
Novell Suse Linux Enterprise Module F... - NULL Pointer Dereference
Sep 26, 2016
CVSS 7.5
EPSS 0.10
CVE-2016-6309 CRITICAL
OpenSSL 1.1.0a - Use-After-Free in statem/statem.c
Sep 26, 2016
CVSS 9.8
EPSS 0.28
CVE-2016-6308 MEDIUM
OpenSSL 1.1.0 - Denial of Service via DTLS Message Length Check Bypass
Sep 26, 2016
CVSS 5.9
EPSS 0.19
CVE-2016-6307 MEDIUM
OpenSSL 1.1.0 - Denial of Service via Excessive TLS Message Length
Sep 26, 2016
CVSS 5.9
EPSS 0.13
CVE-2016-6306 MEDIUM
OpenSSL < 1.0.1u and 1.0.2 < 1.0.2i - Denial of Service via Certificate Parser Out-of-bounds Read
Sep 26, 2016
CVSS 5.9
EPSS 0.08
CVE-2016-6305 HIGH
OpenSSL 1.1.0 - Denial of Service via Zero-Length Record in SSL_peek
Sep 26, 2016
CVSS 7.5
EPSS 0.25
CVE-2016-6304 HIGH
OpenSSL <1.0.1u, <1.0.2i, <1.1.0a - DoS
Sep 26, 2016
CVSS 7.5
EPSS 0.18
CVE-2016-6303 CRITICAL
Node.js < 0.12.16 - Out-of-bounds Write in MDC2_Update
Sep 16, 2016
CVSS 9.8
EPSS 0.26
CVE-2016-6302 HIGH
OpenSSL - Denial of Service via Short TLS Ticket
Sep 16, 2016
CVSS 7.5
EPSS 0.10
CVE-2016-2182 CRITICAL
HP Icewall Federation Agent - Out-of-Bounds Write
Sep 16, 2016
CVSS 9.8
EPSS 0.29
CVE-2016-2181 HIGH
OpenSSL - Denial of Service via DTLS Anti-Replay Feature
Sep 16, 2016
CVSS 7.5
EPSS 0.24
CVE-2016-2179 HIGH
OpenSSL - Denial of Service via DTLS Out-of-Order Message Queue
Sep 16, 2016
CVSS 7.5
EPSS 0.18
CVE-2016-2183 HIGH
Redhat Jboss Enterprise Application Platform - Information Disclosure
Sep 01, 2016
CVSS 7.5
EPSS 0.38
CVE-2016-2180 HIGH
OpenSSL - Denial of Service via Crafted Time-Stamp File in TS_OBJ_print_bio
Aug 01, 2016
CVSS 7.5
EPSS 0.05
CVE-2016-2178 MEDIUM
OpenSSL - Timing Side-Channel Attack in DSA Signing
Jun 20, 2016
CVSS 5.5
EPSS 0.00
CVE-2016-2177 CRITICAL
HP Icewall Mcrp - Integer Overflow
Jun 20, 2016
CVSS 9.8
EPSS 0.29
CVE-2016-2176 HIGH
OpenSSL < 1.0.1s - Buffer Over-Read via EBCDIC ASN.1 Data
May 05, 2016
CVSS 8.2
EPSS 0.08
CVE-2016-2109 HIGH
OpenSSL < 1.0.1s - Denial of Service via ASN.1 BIO Short Invalid Encoding
May 05, 2016
CVSS 7.5
EPSS 0.59
CVE-2016-2108 CRITICAL
Redhat Enterprise Linux Desktop < 1.0.1n - Memory Corruption
May 05, 2016
CVSS 9.8
EPSS 0.37
CVE-2016-2107 MEDIUM
Redhat Enterprise Linux Desktop < 1.0.1s - Information Disclosure
May 05, 2016
CVSS 5.9
EPSS 0.80
Products
openssl 267 OpenSSL 46 fips_object_module 1
Quick Filters
Critical CVEs With Exploits In CISA KEV