openssl

280 tracked vulnerabilities.

CVE-2014-3513
OpenSSL 1.0.1 - Denial of Service via DTLS SRTP Handshake Message
Oct 19, 2014
EPSS 0.36
CVE-2014-3566 LOW
SSL/TLS Version Detection
Oct 15, 2014
CVSS 3.4
EPSS 0.94
CVE-2014-5139
OpenSSL 1.0.1 - Denial of Service via SRP Ciphersuite ServerHello Message
Aug 13, 2014
EPSS 0.34
CVE-2014-3512
OpenSSL 1.0.1 - Buffer Overflow in SRP Parameter Handling
Aug 13, 2014
EPSS 0.40
CVE-2014-3511
OpenSSL 1.0.1 - Protocol Downgrade via ClientHello Message Fragmentation
Aug 13, 2014
EPSS 0.05
CVE-2014-3510
OpenSSL 0.9.8-0.9.8za 1.0.0-1.0.0m 1.0.1-1.0.1h - Denial of Service via DTLS Handshake Message
Aug 13, 2014
EPSS 0.15
CVE-2014-3509
OpenSSL 1.0.0-1.0.0m and 1.0.1-1.0.1h - Denial of Service via EC Supported Point Formats Extension Race Condition
Aug 13, 2014
EPSS 0.13
CVE-2014-3508
OpenSSL 0.9.8-0.9.8za 1.0.0-1.0.0m 1.0.1-1.0.1h - Information Exposure via OBJ_obj2txt Pretty Printing
Aug 13, 2014
EPSS 0.03
CVE-2014-3507
OpenSSL 0.9.8-0.9.8za 1.0.0-1.0.0m 1.0.1-1.0.1h - Denial of Service via DTLS Fragment Handling
Aug 13, 2014
EPSS 0.66
CVE-2014-3506
OpenSSL 0.9.8-0.9.8zb 1.0.0-1.0.0n 1.0.1-1.0.1i - Denial of Service via DTLS Handshake Message Length Values
Aug 13, 2014
EPSS 0.52
CVE-2014-3505
OpenSSL 0.9.8-0.9.8zb 1.0.0-1.0.0n 1.0.1-1.0.1i - Denial of Service via DTLS Packet Processing
Aug 13, 2014
EPSS 0.41
CVE-2014-3470
OpenSSL < 0.9.8za, 1.0.0 < 1.0.0m, 1.0.1 < 1.0.1h - DoS via NULL Pointer Dereference in Anonymous ECDH
Jun 05, 2014
EPSS 0.91
CVE-2014-0224 HIGH
SSL Labs API Client
Jun 05, 2014
CVSS 7.4
EPSS 0.90
CVE-2014-0221
OpenSSL <0.9.8za, <1.0.0m, <1.0.1h - DoS
Jun 05, 2014
EPSS 0.82
CVE-2014-0195
OpenSSL DTLS Fragment Buffer Overflow DoS
Jun 05, 2014
EPSS 0.93
CVE-2014-0198
OpenSSL 1.0.0-1.0.1g - Denial of Service via NULL Pointer Dereference in do_ssl3_write
May 06, 2014
EPSS 0.33
CVE-2014-0160 HIGH KEVNUCLEI
OpenSSL 1.0.1-1.0.1f - Out-of-bounds Read via Heartbeat Extension
Apr 07, 2014
CVSS 7.5
EPSS 0.94
CVE-2014-0076
OpenSSL < 1.0.0l - ECDSA Nonce Exposure via FLUSH+RELOAD Cache Side-Channel Attack
Mar 25, 2014
EPSS 0.00
CVE-2013-4353
OpenSSL 1.0.1 - Denial of Service via Crafted Next Protocol Negotiation Record
Jan 09, 2014
EPSS 0.22
CVE-2013-6450
OpenSSL 1.0.0-1.0.0k and 1.0.1-1.0.1e - Denial of Service via DTLS Retransmission Context Mismanagement
Jan 01, 2014
EPSS 0.20
CVE-2013-6449
OpenSSL < 1.0.2 - Denial of Service via TLS 1.2 Client Traffic
Dec 23, 2013
EPSS 0.47
CVE-2013-0169
OpenSSL 0.9.8-0.9.8w - Timing Side-Channel Attack via CBC Padding MAC Check
Feb 08, 2013
EPSS 0.01
CVE-2013-0166
OpenSSL < 0.9.8y, 1.0.0 < 1.0.0k, 1.0.1 < 1.0.1d - Denial of Service via Invalid OCSP Response Key
Feb 08, 2013
EPSS 0.10
CVE-2012-2686
OpenSSL 1.0.1 - Denial of Service via Crafted CBC Data in AES-NI
Feb 08, 2013
EPSS 0.63
CVE-2012-2333
OpenSSL <0.9.8x, 1.0.0<1.0.0j, 1.0.1<1.0.1c - DoS
May 14, 2012
EPSS 0.07
Products
openssl 267 OpenSSL 46 fips_object_module 1
Quick Filters
Critical CVEs With Exploits In CISA KEV