openssl

280 tracked vulnerabilities.

CVE-2016-2106 HIGH
OpenSSL < 1.0.1s - Denial of Service via Integer Overflow in EVP_EncryptUpdate
May 05, 2016
CVSS 7.5
EPSS 0.68
CVE-2016-2105 HIGH
Redhat Enterprise Linux Desktop < 5.6.30 - Integer Overflow
May 05, 2016
CVSS 7.5
EPSS 0.42
CVE-2016-2842 CRITICAL
OpenSSL 1.0.1-1.0.1r and 1.0.2-1.0.2f - Denial of Service via Memory Allocation Failure in doapr_outch
Mar 03, 2016
CVSS 9.8
EPSS 0.54
CVE-2016-0799 CRITICAL
OpenSSL 1.0.1-1.0.1r and 1.0.2-1.0.2f - Denial of Service via fmtstr Function
Mar 03, 2016
CVSS 9.8
EPSS 0.44
CVE-2016-0798 HIGH
OpenSSL <1.0.1s/1.0.2g - Memory Consumption
Mar 03, 2016
CVSS 7.5
EPSS 0.26
CVE-2016-0797 HIGH
OpenSSL 1.0.1-1.0.1s and 1.0.2-1.0.2g - Denial of Service via BN_dec2bn and BN_hex2bn Integer Overflow
Mar 03, 2016
CVSS 7.5
EPSS 0.34
CVE-2016-0705 CRITICAL
OpenSSL <1.0.1s, <1.0.2g - Memory Corruption
Mar 03, 2016
CVSS 9.8
EPSS 0.22
CVE-2016-0702 MEDIUM
OpenSSL <1.0.1s-1.0.2g - Info Disclosure
Mar 03, 2016
CVSS 5.1
EPSS 0.00
CVE-2016-0704 MEDIUM
OpenSSL < 0.9.8ze - Exposure of Sensitive Information via SSLv2 Export Cipher Suite
Mar 02, 2016
CVSS 5.9
EPSS 0.06
CVE-2016-0703 MEDIUM
OpenSSL < 0.9.8zf, 1.0.0 < 1.0.0r, 1.0.1 < 1.0.1m, 1.0.2 < 1.0.2a - SSLv2 CLIENT-MASTER-KEY Info Exposure
Mar 02, 2016
CVSS 5.9
EPSS 0.05
CVE-2016-0800 MEDIUM
OpenSSL <1.0.1s, 1.0.2 before 1.0.2g - RCE
Mar 01, 2016
CVSS 5.9
EPSS 0.90
CVE-2016-0701 LOW
OpenSSL 1.0.2 - Exposure of Sensitive Information via DH Key Exchange
Feb 15, 2016
CVSS 3.7
EPSS 0.27
CVE-2015-3197 MEDIUM
OpenSSL <1.0.1r-1.0.2f - Info Disclosure
Feb 15, 2016
CVSS 5.9
EPSS 0.14
CVE-2015-3196
OpenSSL 1.0.0-1.0.0s 1.0.1-1.0.1o 1.0.2-1.0.2c - Denial of Service via PSK Identity Hint Race Condition
Dec 06, 2015
EPSS 0.07
CVE-2015-3195 MEDIUM
OpenSSL <1.0.2e - Info Disclosure
Dec 06, 2015
CVSS 5.3
EPSS 0.03
CVE-2015-3194 HIGH
OpenSSL 1.0.1-1.0.1q and 1.0.2-1.0.2e - Denial of Service via RSA PSS ASN.1 Signature
Dec 06, 2015
CVSS 7.5
EPSS 0.52
CVE-2015-3193 HIGH
OpenSSL 1.0.2 - Exposure of Sensitive Private-Key Information via Montgomery Squaring Implementation
Dec 06, 2015
CVSS 7.5
EPSS 0.30
CVE-2015-1794
OpenSSL 1.0.2 - Denial of Service via Zero p Value in Anonymous DH ServerKeyExchange
Dec 06, 2015
EPSS 0.10
CVE-2015-1793 MEDIUM
Oracle Supply Chain Products Suite < 2.0.0.6 - Security Feature Bypass
Jul 09, 2015
CVSS 6.5
EPSS 0.76
CVE-2015-3216
Red Hat Enterprise Linux 7 - Denial of Service via PRNG Lock Race Condition
Jul 07, 2015
EPSS 0.02
CVE-2015-1792
OpenSSL < 0.9.8zg, 1.0.0 < 1.0.0s, 1.0.1 < 1.0.1n, 1.0.2 < 1.0.2b - Denial of Service via NULL BIO Data Structure
Jun 12, 2015
EPSS 0.12
CVE-2015-1791
OpenSSL < 0.9.8zg, 1.0.0 < 1.0.0s, 1.0.1 < 1.0.1n, 1.0.2 < 1.0.2b - DoS via Race Condition
Jun 12, 2015
EPSS 0.10
CVE-2015-1790
OpenSSL < 0.9.8zg, 1.0.0 < 1.0.0s, 1.0.1 < 1.0.1n, 1.0.2 < 1.0.2b DoS via PKCS7_dataDecode
Jun 12, 2015
EPSS 0.10
CVE-2015-1789 HIGH
OpenSSL < 0.9.8zg, 1.0.0 < 1.0.0s, 1.0.1 < 1.0.1n, 1.0.2 < 1.0.2b - Denial of Service via ASN1_TIME Length Field
Jun 12, 2015
CVSS 7.5
EPSS 0.05
CVE-2015-1788
OpenSSL < 0.9.8s, 1.0.0 < 1.0.0e, 1.0.1 < 1.0.1n, 1.0.2 < 1.0.2b - Denial of Service via Malformed ECParameters
Jun 12, 2015
EPSS 0.16
Products
openssl 267 OpenSSL 46 fips_object_module 1
Quick Filters
Critical CVEs With Exploits In CISA KEV