Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stunnel stunnel 3.4a vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2001-0060
Format string vulnerability in stunnel 3.8 and previous versions allows malicious users to execute arbitrary commands via a malformed ident username.
Stunnel Stunnel 3.4a
Stunnel Stunnel 3.7
Stunnel Stunnel 3.8
Stunnel Stunnel 3.3
4.6
CVSSv2
CVE-2003-0740
Stunnel 4.00, and 3.24 and previous versions, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server.
Stunnel Stunnel 3.10
Stunnel Stunnel 3.11
Stunnel Stunnel 3.18
Stunnel Stunnel 3.19
Stunnel Stunnel 3.3
Stunnel Stunnel 3.4a
Stunnel Stunnel 3.16
Stunnel Stunnel 3.17
Stunnel Stunnel 3.21c
Stunnel Stunnel 3.22
Stunnel Stunnel 3.24
Stunnel Stunnel 3.12
Stunnel Stunnel 3.13
Stunnel Stunnel 3.20
Stunnel Stunnel 3.21
Stunnel Stunnel 3.7
Stunnel Stunnel 3.8
Stunnel Stunnel 3.14
Stunnel Stunnel 3.15
Stunnel Stunnel 3.21a
Stunnel Stunnel 3.21b
Stunnel Stunnel 3.9
1 EDB exploit
7.5
CVSSv2
CVE-2002-0002
Format string vulnerability in stunnel prior to 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
Stunnel Stunnel 3.14
Stunnel Stunnel 3.15
Stunnel Stunnel 3.16
Stunnel Stunnel 3.21b
Stunnel Stunnel 3.21c
Stunnel Stunnel 3.9
Stunnel Stunnel 3.12
Stunnel Stunnel 3.13
Stunnel Stunnel 3.21
Stunnel Stunnel 3.21a
Stunnel Stunnel 3.7
Stunnel Stunnel 3.8
Stunnel Stunnel 3.17
Stunnel Stunnel 3.18
Stunnel Stunnel 3.22
Stunnel Stunnel 3.24
Stunnel Stunnel 3.10
Stunnel Stunnel 3.11
Stunnel Stunnel 3.19
Stunnel Stunnel 3.20
Stunnel Stunnel 3.3
Stunnel Stunnel 3.4a
1 EDB exploit
6.8
CVSSv2
CVE-2008-2420
The OCSP functionality in stunnel prior to 4.24 does not properly search certificate revocation lists (CRL), which allows remote malicious users to bypass intended access restrictions by using revoked certificates.
Stunnel Stunnel 3.15
Stunnel Stunnel 3.16
Stunnel Stunnel 3.21c
Stunnel Stunnel 3.22
Stunnel Stunnel 3.6
Stunnel Stunnel 3.7
Stunnel Stunnel 4.00
Stunnel Stunnel 4.01
Stunnel Stunnel 4.09
Stunnel Stunnel 4.10
Stunnel Stunnel 4.17
Stunnel Stunnel 4.18
Stunnel Stunnel 3.11
Stunnel Stunnel 3.12
Stunnel Stunnel 3.19
Stunnel Stunnel 3.20
Stunnel Stunnel 3.21
Stunnel Stunnel 3.25
Stunnel Stunnel 3.26
Stunnel Stunnel 3.8p2
Stunnel Stunnel 3.8p3
Stunnel Stunnel 4.05
7.2
CVSSv2
CVE-2008-2400
Unspecified vulnerability in stunnel prior to 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.
Stunnel Stunnel 0.1
Stunnel Stunnel 1.6
Stunnel Stunnel 2.0
Stunnel Stunnel 3.0
Stunnel Stunnel 3.15
Stunnel Stunnel 3.16
Stunnel Stunnel 3.21a
Stunnel Stunnel 3.21b
Stunnel Stunnel 3.7
Stunnel Stunnel 3.8
Stunnel Stunnel 4.01
Stunnel Stunnel 4.02
Stunnel Stunnel 4.09
Stunnel Stunnel 4.10
Stunnel Stunnel 4.11
Stunnel Stunnel 4.18
Stunnel Stunnel 4.19
Stunnel Stunnel 1.2
Stunnel Stunnel 1.3
Stunnel Stunnel 3.11
Stunnel Stunnel 3.12
Stunnel Stunnel 3.19
4.3
CVSSv2
CVE-2014-0016
stunnel prior to 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to use the same entropy pool and allows remote malicious users to obtain private ke...
Stunnel Stunnel 4.53
Stunnel Stunnel 4.51
Stunnel Stunnel 4.46
Stunnel Stunnel 4.44
Stunnel Stunnel 4.37
Stunnel Stunnel 4.35
Stunnel Stunnel 4.28
Stunnel Stunnel 4.26
Stunnel Stunnel 4.21
Stunnel Stunnel 4.19
Stunnel Stunnel 4.17
Stunnel Stunnel 4.12
Stunnel Stunnel 4.10
Stunnel Stunnel 4.03
Stunnel Stunnel 4.01
Stunnel Stunnel 3.8p3
Stunnel Stunnel 3.8p1
Stunnel Stunnel 3.8
Stunnel Stunnel 3.6
Stunnel Stunnel 3.4a
Stunnel Stunnel 3.21c
Stunnel Stunnel 3.21a
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started