Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssl openssl 1.0.1f vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2014-5139
The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 prior to 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotia...
Openssl Openssl 1.0.1
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1f
605
VMScore
CVE-2014-3509
Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 prior to 1.0.0n and 1.0.1 prior to 1.0.1i, when multithreading and session resumption are used, allows remote SSL servers to cause a denial of service (memory overwrite and client application...
Openssl Openssl 1.0.1
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.0k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1f
Openssl Openssl 1.0.0l
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0b
1 Github repository
383
VMScore
CVE-2014-3511
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 prior to 1.0.1i allows man-in-the-middle malicious users to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS version...
Openssl Openssl 1.0.1
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.0k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1f
Openssl Openssl 1.0.0l
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0b
1 Github repository
668
VMScore
CVE-2014-3512
Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 prior to 1.0.1i allow remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter...
Openssl Openssl 1.0.1
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.0k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1f
Openssl Openssl 1.0.0l
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0b
694
VMScore
CVE-2016-0798
Memory leak in the SRP_VBASE_get_by_user implementation in OpenSSL 1.0.1 prior to 1.0.1s and 1.0.2 prior to 1.0.2g allows remote malicious users to cause a denial of service (memory consumption) by providing an invalid username in a connection attempt, related to apps/s_server.c ...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
Openssl Openssl 1.0.1f
384
VMScore
CVE-2014-3568
OpenSSL prior to 0.9.8zc, 1.0.0 prior to 1.0.0o, and 1.0.1 prior to 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote malicious users to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c.
Openssl Openssl 1.0.0n
Openssl Openssl 1.0.1
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.0k
Openssl Openssl
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1f
Openssl Openssl 1.0.0l
1 Article
891
VMScore
CVE-2016-2842
The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 prior to 1.0.1s and 1.0.2 prior to 1.0.2g does not verify that a certain memory allocation succeeds, which allows remote malicious users to cause a denial of service (out-of-bounds write or memory consumption) or p...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
Openssl Openssl 1.0.1f
892
VMScore
CVE-2016-0799
The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 prior to 1.0.1s and 1.0.2 prior to 1.0.2g improperly calculates string lengths, which allows remote malicious users to cause a denial of service (overflow and out-of-bounds read) or possibly have unspecified other impac...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
Openssl Openssl 1.0.1f
461
VMScore
CVE-2016-0800
The SSLv2 protocol, as used in OpenSSL prior to 1.0.1s and 1.0.2 prior to 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote malicious users to decryp...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
Openssl Openssl 1.0.1f
2 Nmap scripts
4 Github repositories
2 Articles
460
VMScore
CVE-2016-0703
The get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL prior to 0.9.8zf, 1.0.0 prior to 1.0.0r, 1.0.1 prior to 1.0.1m, and 1.0.2 prior to 1.0.2a accepts a nonzero CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher, which allows man-in...
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.0n
Openssl Openssl 1.0.1
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0p
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.0o
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.0k
Openssl Openssl 1.0.2
Openssl Openssl 1.0.1k
2 Nmap scripts
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »