Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

openssl openssl 1.0.1f vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2014-5139
The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required...
Openssl Openssl 1.0.1Openssl Openssl 1.0.1gOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.1aOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1d
NA
CVE-2014-3513
Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message....
Openssl Openssl 1.0.1Openssl Openssl 1.0.1eOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.1aOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1iOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.1h
NA
CVE-2014-8176
The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS...
Openssl Openssl 1.0.1Openssl Openssl 1.0.0cOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.0Openssl Openssl 1.0.1cOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.1aOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.0lOpenssl OpensslOpenssl Openssl 1.0.0aOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0g
NA
CVE-2015-0205
The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without...
Openssl Openssl 1.0.0fOpenssl Openssl 1.0.0gOpenssl Openssl 1.0.0oOpenssl Openssl 1.0.1jOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0cOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0lOpenssl Openssl 1.0.0mOpenssl Openssl 1.0.0nOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.0aOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.1iOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.1a
NA
CVE-2015-0292
Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (memory corruption) or possibly have...
Openssl Openssl 1.0.0cOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.1aOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.0Openssl Openssl 1.0.1bOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.0lOpenssl OpensslOpenssl Openssl 1.0.0aOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.1Openssl Openssl 1.0.0g
NA
CVE-2015-0204
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a...
Openssl Openssl 1.0.0aOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.1iOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0mOpenssl Openssl 1.0.0nOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.0cOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.0lOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.1fOpenssl OpensslOpenssl Openssl 1.0.0gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0oOpenssl Openssl 1.0.1jOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1a
NA
CVE-2014-3570
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors,...
Openssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0mOpenssl Openssl 1.0.0nOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1dOpenssl OpensslOpenssl Openssl 1.0.0aOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.1iOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.1aOpenssl Openssl 1.0.0cOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.0lOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.0gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0oOpenssl Openssl 1.0.1jOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1b
7.5
CVSSv3
CVE-2016-0798
Memory leak in the SRP_VBASE_get_by_user implementation in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory consumption) by providing an invalid username in a connection attempt, related to apps/s_server.c and...
Openssl Openssl 1.0.1mOpenssl Openssl 1.0.2aOpenssl Openssl 1.0.1jOpenssl Openssl 1.0.1Openssl Openssl 1.0.1hOpenssl Openssl 1.0.2eOpenssl Openssl 1.0.1rOpenssl Openssl 1.0.2bOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.1aOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.2cOpenssl Openssl 1.0.2Openssl Openssl 1.0.1pOpenssl Openssl 1.0.1kOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1nOpenssl Openssl 1.0.1qOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1lOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.1oOpenssl Openssl 1.0.2fOpenssl Openssl 1.0.1iOpenssl Openssl 1.0.2d
NA
CVE-2014-3567
Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure....
Openssl Openssl 1.0.0Openssl Openssl 1.0.0cOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0lOpenssl Openssl 1.0.0mOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.0gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.1Openssl Openssl 1.0.1fOpenssl Openssl 1.0.1gOpenssl OpensslOpenssl Openssl 1.0.0aOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.1aOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.1iOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0nOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.1e
NA
CVE-2014-3509
Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 before 1.0.0n and 1.0.1 before 1.0.1i, when multithreading and session resumption are used, allows remote SSL servers to cause a denial of service (memory overwrite and client application...
Openssl Openssl 1.0.1bOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.0Openssl Openssl 1.0.0fOpenssl Openssl 1.0.0gOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.1Openssl Openssl 1.0.1dOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.0aOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0cOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.1aOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0lOpenssl Openssl 1.0.0m
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
insecure direct object referenceCVE-2023-30736CVE-2023-39647CVE-2023-42793injectCVE-2023-20101CVE-2023-4497XXECVE-2023-5217
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook