Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stunnel stunnel 3.7 vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2001-0060
Format string vulnerability in stunnel 3.8 and previous versions allows malicious users to execute arbitrary commands via a malformed ident username.
Stunnel Stunnel 3.4a
Stunnel Stunnel 3.7
Stunnel Stunnel 3.8
Stunnel Stunnel 3.3
755
VMScore
CVE-2002-0002
Format string vulnerability in stunnel prior to 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
Stunnel Stunnel 3.14
Stunnel Stunnel 3.15
Stunnel Stunnel 3.16
Stunnel Stunnel 3.21b
Stunnel Stunnel 3.21c
Stunnel Stunnel 3.9
Stunnel Stunnel 3.12
Stunnel Stunnel 3.13
Stunnel Stunnel 3.21
Stunnel Stunnel 3.21a
Stunnel Stunnel 3.7
Stunnel Stunnel 3.8
Stunnel Stunnel 3.17
Stunnel Stunnel 3.18
Stunnel Stunnel 3.22
Stunnel Stunnel 3.24
Stunnel Stunnel 3.10
Stunnel Stunnel 3.11
Stunnel Stunnel 3.19
Stunnel Stunnel 3.20
Stunnel Stunnel 3.3
Stunnel Stunnel 3.4a
1 EDB exploit
641
VMScore
CVE-2008-2400
Unspecified vulnerability in stunnel prior to 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.
Stunnel Stunnel 0.1
Stunnel Stunnel 1.6
Stunnel Stunnel 2.0
Stunnel Stunnel 3.0
Stunnel Stunnel 3.15
Stunnel Stunnel 3.16
Stunnel Stunnel 3.21a
Stunnel Stunnel 3.21b
Stunnel Stunnel 3.7
Stunnel Stunnel 3.8
Stunnel Stunnel 4.01
Stunnel Stunnel 4.02
Stunnel Stunnel 4.09
Stunnel Stunnel 4.10
Stunnel Stunnel 4.11
Stunnel Stunnel 4.18
Stunnel Stunnel 4.19
Stunnel Stunnel 1.2
Stunnel Stunnel 1.3
Stunnel Stunnel 3.11
Stunnel Stunnel 3.12
Stunnel Stunnel 3.19
605
VMScore
CVE-2008-2420
The OCSP functionality in stunnel prior to 4.24 does not properly search certificate revocation lists (CRL), which allows remote malicious users to bypass intended access restrictions by using revoked certificates.
Stunnel Stunnel 3.15
Stunnel Stunnel 3.16
Stunnel Stunnel 3.21c
Stunnel Stunnel 3.22
Stunnel Stunnel 3.6
Stunnel Stunnel 3.7
Stunnel Stunnel 4.00
Stunnel Stunnel 4.01
Stunnel Stunnel 4.09
Stunnel Stunnel 4.10
Stunnel Stunnel 4.17
Stunnel Stunnel 4.18
Stunnel Stunnel 3.11
Stunnel Stunnel 3.12
Stunnel Stunnel 3.19
Stunnel Stunnel 3.20
Stunnel Stunnel 3.21
Stunnel Stunnel 3.25
Stunnel Stunnel 3.26
Stunnel Stunnel 3.8p2
Stunnel Stunnel 3.8p3
Stunnel Stunnel 4.05
465
VMScore
CVE-2003-0740
Stunnel 4.00, and 3.24 and previous versions, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server.
Stunnel Stunnel 3.10
Stunnel Stunnel 3.11
Stunnel Stunnel 3.18
Stunnel Stunnel 3.19
Stunnel Stunnel 3.3
Stunnel Stunnel 3.4a
Stunnel Stunnel 3.16
Stunnel Stunnel 3.17
Stunnel Stunnel 3.21c
Stunnel Stunnel 3.22
Stunnel Stunnel 3.24
Stunnel Stunnel 3.12
Stunnel Stunnel 3.13
Stunnel Stunnel 3.20
Stunnel Stunnel 3.21
Stunnel Stunnel 3.7
Stunnel Stunnel 3.8
Stunnel Stunnel 3.14
Stunnel Stunnel 3.15
Stunnel Stunnel 3.21a
Stunnel Stunnel 3.21b
Stunnel Stunnel 3.9
1 EDB exploit
445
VMScore
CVE-2003-0147
OpenSSL does not use RSA blinding by default, which allows local and remote malicious users to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different inte...
Openpkg Openpkg 1.2
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.7
Stunnel Stunnel 3.15
Stunnel Stunnel 3.16
Stunnel Stunnel 3.7
Stunnel Stunnel 3.8
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.6d
Stunnel Stunnel 3.11
Stunnel Stunnel 3.12
Stunnel Stunnel 3.19
Stunnel Stunnel 3.20
Stunnel Stunnel 4.01
Stunnel Stunnel 4.02
Openpkg Openpkg
Openpkg Openpkg 1.1
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6g
Stunnel Stunnel 3.13
383
VMScore
CVE-2014-0016
stunnel prior to 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to use the same entropy pool and allows remote malicious users to obtain private ke...
Stunnel Stunnel 4.53
Stunnel Stunnel 4.51
Stunnel Stunnel 4.46
Stunnel Stunnel 4.44
Stunnel Stunnel 4.37
Stunnel Stunnel 4.35
Stunnel Stunnel 4.28
Stunnel Stunnel 4.26
Stunnel Stunnel 4.21
Stunnel Stunnel 4.19
Stunnel Stunnel 4.17
Stunnel Stunnel 4.12
Stunnel Stunnel 4.10
Stunnel Stunnel 4.03
Stunnel Stunnel 4.01
Stunnel Stunnel 3.8p3
Stunnel Stunnel 3.8p1
Stunnel Stunnel 3.8
Stunnel Stunnel 3.6
Stunnel Stunnel 3.4a
Stunnel Stunnel 3.21c
Stunnel Stunnel 3.21a
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started