Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssl openssl vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-1999-0428
OpenSSL and SSLeay allow remote malicious users to reuse SSL sessions and bypass access controls.
Openssl Openssl
383
VMScore
CVE-2019-1563
In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message th...
Openssl Openssl
1 Github repository
505
VMScore
CVE-2009-1379
Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote malicious users to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated...
Openssl Openssl 1.0.0
1 EDB exploit
755
VMScore
CVE-2012-2131
Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote malicious users to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an...
Openssl Openssl 0.9.8v
1 EDB exploit
668
VMScore
CVE-2009-0653
OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote malicious users to spoof the certificates of trusted sites via a man-in-the-middle attack, a related issue to CVE-2002-0970.
Openssl Openssl 0.9.6
668
VMScore
CVE-2002-0657
Buffer overflow in OpenSSL 0.9.7 prior to 0.9.7-beta3, with Kerberos enabled, allows malicious users to execute arbitrary code via a long master key.
Openssl Openssl 0.9.7
356
VMScore
CVE-2011-5095
The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when FIPS mode is enabled, does not properly validate a public parameter, which makes it easier for man-in-the-middle malicious users to obtain the shared secret key by modifying network traffic, a related issue to ...
Openssl Openssl 0.9.8
446
VMScore
CVE-2002-1568
OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechanisms, which allows remote malicious users to cause a denial of service (crash) via certain messages that cause OpenSSL to abort from a failed assertion, as demonstrated using SSLv2 ...
Openssl Openssl 0.9.6e
570
VMScore
CVE-2010-1633
RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x prior to 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent malicious users to bypass intended key requirements...
Openssl Openssl 1.0.0
358
VMScore
CVE-2010-0928
OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximat...
Openssl Openssl 0.9.8i
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »