Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssl openssl 1.0.0 vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2009-1379
Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote malicious users to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated...
Openssl Openssl 1.0.0
1 EDB exploit
460
VMScore
CVE-2016-0703
The get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL prior to 0.9.8zf, 1.0.0 prior to 1.0.0r, 1.0.1 prior to 1.0.1m, and 1.0.2 prior to 1.0.2a accepts a nonzero CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher, which allows man-in...
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.0n
Openssl Openssl 1.0.1
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0p
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.0o
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.0k
Openssl Openssl 1.0.2
Openssl Openssl 1.0.1k
2 Nmap scripts
1 Github repository
446
VMScore
CVE-2014-3505
Double free vulnerability in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 prior to 0.9.8zb, 1.0.0 prior to 1.0.0n, and 1.0.1 prior to 1.0.1i allows remote malicious users to cause a denial of service (application crash) via crafted DTLS packets that trigger an error cond...
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8m
Openssl Openssl 1.0.1
Openssl Openssl 0.9.8c
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1h
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8p
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8u
Openssl Openssl 0.9.8za
Openssl Openssl 1.0.1g
Openssl Openssl 0.9.8g
Openssl Openssl 1.0.0h
Openssl Openssl 0.9.8k
Openssl Openssl 0.9.8d
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
446
VMScore
CVE-2014-3506
d1_both.c in the DTLS implementation in OpenSSL 0.9.8 prior to 0.9.8zb, 1.0.0 prior to 1.0.0n, and 1.0.1 prior to 1.0.1i allows remote malicious users to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations correspondi...
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8m
Openssl Openssl 1.0.1
Openssl Openssl 0.9.8c
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1h
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8p
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8u
Openssl Openssl 0.9.8za
Openssl Openssl 1.0.1g
Openssl Openssl 0.9.8g
Openssl Openssl 1.0.0h
Openssl Openssl 0.9.8k
Openssl Openssl 0.9.8d
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
446
VMScore
CVE-2012-0884
The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL prior to 0.9.8u and 1.x prior to 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent malicious users to decrypt data via a Million Message Attack (MM...
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0b
Openssl Openssl 1.0.0a
Openssl Openssl 0.9.8o
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.7m
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.6k
Openssl Openssl 0.9.6j
Openssl Openssl 0.9.6
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0d
Openssl Openssl 0.9.8q
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.8
446
VMScore
CVE-2011-4576
The SSL 3.0 implementation in OpenSSL prior to 0.9.8s and 1.x prior to 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote malicious users to obtain sensitive information by decrypting the padding data sent by an SSL peer.
Openssl Openssl
Openssl Openssl 0.9.8q
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.4
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.8o
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8
Openssl Openssl 0.9.7m
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7d
446
VMScore
CVE-2011-4619
The Server Gated Cryptography (SGC) implementation in OpenSSL prior to 0.9.8s and 1.x prior to 1.0.0f does not properly handle handshake restarts, which allows remote malicious users to cause a denial of service (CPU consumption) via unspecified vectors.
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.8l
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.6g
Openssl Openssl 0.9.6
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.8q
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8
Openssl Openssl 0.9.7m
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.6k
446
VMScore
CVE-2012-0027
The GOST ENGINE in OpenSSL prior to 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote malicious users to cause a denial of service (daemon crash) via crafted data from a TLS client.
Openssl Openssl 1.0.0
Openssl Openssl 0.9.8n
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0b
Openssl Openssl 0.9.8s
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.6g
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.5
Openssl Openssl 0.9.4
Openssl Openssl 1.0.0a
Openssl Openssl 0.9.8r
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8f
446
VMScore
CVE-2011-3210
The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 up to and including 0.9.8r and 1.0.x prior to 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows remote malicious users to cause a denial of service (daemon crash) v...
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.8s
Openssl Openssl 0.9.8o
Openssl Openssl 0.9.8
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.8l
Openssl Openssl 0.9.8r
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8q
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8k
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0d
446
VMScore
CVE-2011-0014
ssl/t1_lib.c in OpenSSL 0.9.8h up to and including 0.9.8q and 1.0.0 up to and including 1.0.0c allows remote malicious users to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake mes...
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.8q
Openssl Openssl 0.9.8k
Openssl Openssl 0.9.8l
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8o
Openssl Openssl 1.0.0b
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0c
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »