Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

openssl openssl 1.1.0c vulnerabilities and exploits

(subscribe to this query)
2.6
CVSSv2
CVE-2016-7055
There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 prior to 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are imp...
Openssl OpensslNodejs Node.js
5
CVSSv2
CVE-2017-3730
In OpenSSL 1.1.0 prior to 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
Openssl Openssl 1.1.0cOpenssl Openssl 1.1.0Openssl Openssl 1.1.0bOpenssl Openssl 1.1.0aOracle Agile Engineering Data Management 6.2.0Oracle Jd Edwards World Security A9.2Oracle Communications Eagle Lnp Application Processor 10.1Oracle Communications Application Session Controller 3.7.1Oracle Jd Edwards World Security A9.4Oracle Jd Edwards Enterpriseone Tools 9.2Oracle Communications Operations Monitor 3.4Oracle Communications Operations Monitor 4.0Oracle Agile Engineering Data Management 6.1.3Oracle Jd Edwards World Security A9.1Oracle Jd Edwards World Security A9.3Oracle Communications Eagle Lnp Application Processor 10.0Oracle Communications Eagle Lnp Application Processor 10.2Oracle Communications Application Session Controller 3.8.0
5
CVSSv2
CVE-2017-3733
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 prior to 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
Openssl Openssl 1.1.0Openssl Openssl 1.1.0cOpenssl Openssl 1.1.0dOpenssl Openssl 1.1.0aOpenssl Openssl 1.1.0bHp Operations Agent 11.15Hp Operations Agent 11.14
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook