Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssl openssl 0.9.6b vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2009-1386
ssl/s3_pkt.c in OpenSSL prior to 0.9.8i allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
Openssl Openssl
Redhat Openssl 0.9.6-15
Redhat Openssl 0.9.6b-3
Redhat Openssl 0.9.7a-2
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
1 EDB exploit
383
VMScore
CVE-2008-7270
OpenSSL prior to 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not prevent modification of the ciphersuite in the session cache, which allows remote malicious users to force the use of a disabled cipher via vectors involving sniffing network traffic to dis...
Openssl Openssl 0.9.4
Openssl Openssl 0.9.5
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.6j
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7m
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.8a
516
VMScore
CVE-2008-5077
OpenSSL 0.9.8i and previous versions does not properly check the return value from the EVP_VerifyFinal function, which allows remote malicious users to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6
Openssl Openssl 0.9.3a
Openssl Openssl 0.9.4
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.8
516
VMScore
CVE-2011-4354
crypto/bn/bn_nist.c in OpenSSL prior to 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curv...
Openssl Openssl 0.9.8
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.3
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6g
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.6k
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7m
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.3a
Openssl Openssl 0.9.4
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.5
445
VMScore
CVE-2009-0789
OpenSSL prior to 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote malicious users to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certi...
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.7m
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.6k
Openssl Openssl 0.9.6j
446
VMScore
CVE-2006-7250
The mime_hdr_cmp function in crypto/asn1/asn_mime.c in OpenSSL 0.9.8t and previous versions allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message.
Openssl Openssl
Openssl Openssl 0.9.7
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.3
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.5
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.6
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.4
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8k
668
VMScore
CVE-2010-4252
OpenSSL prior to 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote malicious users to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each ro...
Openssl Openssl 0.9.7
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.3
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7c
Openssl Openssl 1.0.0
Openssl Openssl 0.9.5
Openssl Openssl 0.9.8n
Openssl Openssl
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.6
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.4
Openssl Openssl 0.9.8g
668
VMScore
CVE-2010-0742
The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL prior to 0.9.8o and 1.x prior to 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent malicious users to modify invalid memory locations or ...
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.7
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.8l
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.5
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6g
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.3
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.7k
446
VMScore
CVE-2012-0027
The GOST ENGINE in OpenSSL prior to 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote malicious users to cause a denial of service (daemon crash) via crafted data from a TLS client.
Openssl Openssl 1.0.0
Openssl Openssl 0.9.8n
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0b
Openssl Openssl 0.9.8s
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.6g
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.5
Openssl Openssl 0.9.4
Openssl Openssl 1.0.0a
Openssl Openssl 0.9.8r
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8f
384
VMScore
CVE-2011-4108
The DTLS implementation in OpenSSL prior to 0.9.8s and 1.x prior to 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote malicious users to recover plaintext via a padding oracle attack.
Openssl Openssl 0.9.8o
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.7m
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.6j
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.6b
Openssl Openssl
Openssl Openssl 0.9.8k
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.6g
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »