Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stunnel stunnel 3.7 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2001-0060
Format string vulnerability in stunnel 3.8 and previous versions allows malicious users to execute arbitrary commands via a malformed ident username.
Stunnel Stunnel 3.4a
Stunnel Stunnel 3.7
Stunnel Stunnel 3.8
Stunnel Stunnel 3.3
NA
CVE-2003-0740
Stunnel 4.00, and 3.24 and previous versions, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server.
Stunnel Stunnel 3.10
Stunnel Stunnel 3.11
Stunnel Stunnel 3.18
Stunnel Stunnel 3.19
Stunnel Stunnel 3.3
Stunnel Stunnel 3.4a
Stunnel Stunnel 3.16
Stunnel Stunnel 3.17
Stunnel Stunnel 3.21c
Stunnel Stunnel 3.22
Stunnel Stunnel 3.24
Stunnel Stunnel 3.12
Stunnel Stunnel 3.13
Stunnel Stunnel 3.20
Stunnel Stunnel 3.21
Stunnel Stunnel 3.7
Stunnel Stunnel 3.8
Stunnel Stunnel 3.14
Stunnel Stunnel 3.15
Stunnel Stunnel 3.21a
Stunnel Stunnel 3.21b
Stunnel Stunnel 3.9
1 EDB exploit
NA
CVE-2002-0002
Format string vulnerability in stunnel prior to 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
Stunnel Stunnel 3.14
Stunnel Stunnel 3.15
Stunnel Stunnel 3.16
Stunnel Stunnel 3.21b
Stunnel Stunnel 3.21c
Stunnel Stunnel 3.9
Stunnel Stunnel 3.12
Stunnel Stunnel 3.13
Stunnel Stunnel 3.21
Stunnel Stunnel 3.21a
Stunnel Stunnel 3.7
Stunnel Stunnel 3.8
Stunnel Stunnel 3.17
Stunnel Stunnel 3.18
Stunnel Stunnel 3.22
Stunnel Stunnel 3.24
Stunnel Stunnel 3.10
Stunnel Stunnel 3.11
Stunnel Stunnel 3.19
Stunnel Stunnel 3.20
Stunnel Stunnel 3.3
Stunnel Stunnel 3.4a
1 EDB exploit
NA
CVE-2008-2420
The OCSP functionality in stunnel prior to 4.24 does not properly search certificate revocation lists (CRL), which allows remote malicious users to bypass intended access restrictions by using revoked certificates.
Stunnel Stunnel 3.15
Stunnel Stunnel 3.16
Stunnel Stunnel 3.21c
Stunnel Stunnel 3.22
Stunnel Stunnel 3.6
Stunnel Stunnel 3.7
Stunnel Stunnel 4.00
Stunnel Stunnel 4.01
Stunnel Stunnel 4.09
Stunnel Stunnel 4.10
Stunnel Stunnel 4.17
Stunnel Stunnel 4.18
Stunnel Stunnel 3.11
Stunnel Stunnel 3.12
Stunnel Stunnel 3.19
Stunnel Stunnel 3.20
Stunnel Stunnel 3.21
Stunnel Stunnel 3.25
Stunnel Stunnel 3.26
Stunnel Stunnel 3.8p2
Stunnel Stunnel 3.8p3
Stunnel Stunnel 4.05
NA
CVE-2008-2400
Unspecified vulnerability in stunnel prior to 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.
Stunnel Stunnel 0.1
Stunnel Stunnel 1.6
Stunnel Stunnel 2.0
Stunnel Stunnel 3.0
Stunnel Stunnel 3.15
Stunnel Stunnel 3.16
Stunnel Stunnel 3.21a
Stunnel Stunnel 3.21b
Stunnel Stunnel 3.7
Stunnel Stunnel 3.8
Stunnel Stunnel 4.01
Stunnel Stunnel 4.02
Stunnel Stunnel 4.09
Stunnel Stunnel 4.10
Stunnel Stunnel 4.11
Stunnel Stunnel 4.18
Stunnel Stunnel 4.19
Stunnel Stunnel 1.2
Stunnel Stunnel 1.3
Stunnel Stunnel 3.11
Stunnel Stunnel 3.12
Stunnel Stunnel 3.19
NA
CVE-2003-0147
OpenSSL does not use RSA blinding by default, which allows local and remote malicious users to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different inte...
Openpkg Openpkg 1.2
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.7
Stunnel Stunnel 3.15
Stunnel Stunnel 3.16
Stunnel Stunnel 3.7
Stunnel Stunnel 3.8
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.6d
Stunnel Stunnel 3.11
Stunnel Stunnel 3.12
Stunnel Stunnel 3.19
Stunnel Stunnel 3.20
Stunnel Stunnel 4.01
Stunnel Stunnel 4.02
Openpkg Openpkg
Openpkg Openpkg 1.1
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6g
Stunnel Stunnel 3.13
NA
CVE-2014-0016
stunnel prior to 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to use the same entropy pool and allows remote malicious users to obtain private ke...
Stunnel Stunnel 4.53
Stunnel Stunnel 4.51
Stunnel Stunnel 4.46
Stunnel Stunnel 4.44
Stunnel Stunnel 4.37
Stunnel Stunnel 4.35
Stunnel Stunnel 4.28
Stunnel Stunnel 4.26
Stunnel Stunnel 4.21
Stunnel Stunnel 4.19
Stunnel Stunnel 4.17
Stunnel Stunnel 4.12
Stunnel Stunnel 4.10
Stunnel Stunnel 4.03
Stunnel Stunnel 4.01
Stunnel Stunnel 3.8p3
Stunnel Stunnel 3.8p1
Stunnel Stunnel 3.8
Stunnel Stunnel 3.6
Stunnel Stunnel 3.4a
Stunnel Stunnel 3.21c
Stunnel Stunnel 3.21a
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started