openssl

298 tracked vulnerabilities.

CVE-2016-6308 MEDIUM
OpenSSL 1.1.0 - Denial of Service via DTLS Message Length Check Bypass
Sep 26, 2016
CVSS 5.9
EPSS 0.14
CVE-2016-6307 MEDIUM
OpenSSL 1.1.0 - Denial of Service via Excessive TLS Message Length
Sep 26, 2016
CVSS 5.9
EPSS 0.14
CVE-2016-6306 MEDIUM
OpenSSL < 1.0.1u and 1.0.2 < 1.0.2i - Denial of Service via Certificate Parser Out-of-bounds Read
Sep 26, 2016
CVSS 5.9
EPSS 0.42
CVE-2016-6305 HIGH
OpenSSL 1.1.0 - Denial of Service via Zero-Length Record in SSL_peek
Sep 26, 2016
CVSS 7.5
EPSS 0.16
CVE-2016-6304 HIGH
OpenSSL <1.0.1u, <1.0.2i, <1.1.0a - DoS
Sep 26, 2016
CVSS 7.5
EPSS 0.63
CVE-2016-6303 CRITICAL
Node.js < 0.12.16 - Out-of-bounds Write in MDC2_Update
Sep 16, 2016
CVSS 9.8
EPSS 0.32
CVE-2016-6302 HIGH
OpenSSL - Denial of Service via Short TLS Ticket
Sep 16, 2016
CVSS 7.5
EPSS 0.26
CVE-2016-2182 CRITICAL
HP Icewall Federation Agent - Out-of-Bounds Write
Sep 16, 2016
CVSS 9.8
EPSS 0.44
CVE-2016-2181 HIGH
OpenSSL - Denial of Service via DTLS Anti-Replay Feature
Sep 16, 2016
CVSS 7.5
EPSS 0.23
CVE-2016-2179 HIGH
OpenSSL - Denial of Service via DTLS Out-of-Order Message Queue
Sep 16, 2016
CVSS 7.5
EPSS 0.27
CVE-2016-2183 HIGH
Redhat Jboss Enterprise Application Platform - Information Disclosure
Sep 01, 2016
CVSS 7.5
EPSS 0.96
CVE-2016-2180 HIGH
OpenSSL - Denial of Service via Crafted Time-Stamp File in TS_OBJ_print_bio
Aug 01, 2016
CVSS 7.5
EPSS 0.29
CVE-2016-2178 MEDIUM
OpenSSL - Timing Side-Channel Attack in DSA Signing
Jun 20, 2016
CVSS 5.5
EPSS 0.01
CVE-2016-2177 CRITICAL
HP Icewall Mcrp - Integer Overflow
Jun 20, 2016
CVSS 9.8
EPSS 0.45
CVE-2016-2176 HIGH
OpenSSL < 1.0.1s - Buffer Over-Read via EBCDIC ASN.1 Data
May 05, 2016
CVSS 8.2
EPSS 0.23
CVE-2016-2109 HIGH
OpenSSL < 1.0.1s - Denial of Service via ASN.1 BIO Short Invalid Encoding
May 05, 2016
CVSS 7.5
EPSS 0.29
CVE-2016-2108 CRITICAL
Redhat Enterprise Linux Desktop < 1.0.1n - Memory Corruption
May 05, 2016
CVSS 9.8
EPSS 0.78
CVE-2016-2107 MEDIUM
Redhat Enterprise Linux Desktop < 1.0.1s - Information Disclosure
May 05, 2016
CVSS 5.9
EPSS 0.89
CVE-2016-2106 HIGH
OpenSSL < 1.0.1s - Denial of Service via Integer Overflow in EVP_EncryptUpdate
May 05, 2016
CVSS 7.5
EPSS 0.27
CVE-2016-2105 HIGH
Redhat Enterprise Linux Desktop < 5.6.30 - Integer Overflow
May 05, 2016
CVSS 7.5
EPSS 0.40
CVE-2016-2842 CRITICAL
OpenSSL 1.0.1-1.0.1r and 1.0.2-1.0.2f - Denial of Service via Memory Allocation Failure in doapr_outch
Mar 03, 2016
CVSS 9.8
EPSS 0.54
CVE-2016-0799 CRITICAL
OpenSSL 1.0.1-1.0.1r and 1.0.2-1.0.2f - Denial of Service via fmtstr Function
Mar 03, 2016
CVSS 9.8
EPSS 0.32
CVE-2016-0798 HIGH
OpenSSL <1.0.1s/1.0.2g - Memory Consumption
Mar 03, 2016
CVSS 7.5
EPSS 0.24
CVE-2016-0797 HIGH
OpenSSL 1.0.1-1.0.1s and 1.0.2-1.0.2g - Denial of Service via BN_dec2bn and BN_hex2bn Integer Overflow
Mar 03, 2016
CVSS 7.5
EPSS 0.27
CVE-2016-0705 CRITICAL
OpenSSL <1.0.1s, <1.0.2g - Memory Corruption
Mar 03, 2016
CVSS 9.8
EPSS 0.26