Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssl openssl 1.0.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2011-3207
crypto/x509/x509_vfy.c in OpenSSL 1.0.x prior to 1.0.0e does not initialize certain structure members, which makes it easier for remote malicious users to bypass CRL validation by using a nextUpdate value corresponding to a time in the past.
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0b
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0c
5
CVSSv2
CVE-2011-3210
The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 up to and including 0.9.8r and 1.0.x prior to 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows remote malicious users to cause a denial of service (daemon crash) v...
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.8s
Openssl Openssl 0.9.8o
Openssl Openssl 0.9.8
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.8l
Openssl Openssl 0.9.8r
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8q
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8k
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0d
5
CVSSv2
CVE-2008-7278
The S/MIME feature in Open Ticket Request System (OTRS) prior to 2.2.5, and 2.3.x prior to 2.3.0-beta1, does not properly configure the RANDFILE environment variable for OpenSSL, which might make it easier for remote malicious users to decrypt e-mail messages that had lower than ...
Otrs Otrs 2.1.2
Otrs Otrs 2.1.1
Otrs Otrs 2.1.8
Otrs Otrs 2.1.4
Otrs Otrs 2.1.3
Otrs Otrs 0.5
Otrs Otrs 1.0
Otrs Otrs 2.1.7
Otrs Otrs 2.0.0
Otrs Otrs 1.3.0
Otrs Otrs 2.0.1
Otrs Otrs 2.0.2
Otrs Otrs 2.2.0
Otrs Otrs 2.0.3
Otrs Otrs 1.1.1
Otrs Otrs 1.3.3
Otrs Otrs 1.1.0
Otrs Otrs 1.1.2
Otrs Otrs 1.2.0
Otrs Otrs 2.2.2
Otrs Otrs 2.2.3
Otrs Otrs
5
CVSSv2
CVE-2009-5057
The S/MIME feature in Open Ticket Request System (OTRS) prior to 2.3.4 does not configure the RANDFILE and HOME environment variables for OpenSSL, which might make it easier for remote malicious users to decrypt e-mail messages that had lower than intended entropy available for c...
Otrs Otrs 2.1.9
Otrs Otrs 2.1.1
Otrs Otrs 2.1.8
Otrs Otrs 2.1.3
Otrs Otrs 2.3.0
Otrs Otrs 2.2.0
Otrs Otrs 2.0.2
Otrs Otrs 2.0.3
Otrs Otrs 1.0.0
Otrs Otrs 0.5
Otrs Otrs 1.1
Otrs Otrs 2.0.5
Otrs Otrs 2.2.5
Otrs Otrs 2.0.0
Otrs Otrs 1.1.3
Otrs Otrs 1.2.0
Otrs Otrs 1.2.1
Otrs Otrs
Otrs Otrs 2.1.0
Otrs Otrs 2.1.5
Otrs Otrs 2.3.1
Otrs Otrs 2.3.2
5
CVSSv2
CVE-2011-0014
ssl/t1_lib.c in OpenSSL 0.9.8h up to and including 0.9.8q and 1.0.0 up to and including 1.0.0c allows remote malicious users to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake mes...
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.8q
Openssl Openssl 0.9.8k
Openssl Openssl 0.9.8l
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8o
Openssl Openssl 1.0.0b
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0c
5
CVSSv2
CVE-2009-4355
Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and previous versions and 1.0.0 Beta through Beta 4 allows remote malicious users to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cl...
Openssl Openssl
Openssl Openssl 0.9.8k
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7e
Redhat Openssl 0.9.7a-2
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.5
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.7a
5
CVSSv2
CVE-2009-3941
Martin Lambers mpop prior to 1.0.19, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle malicious users to s...
Martin Lambers Mpop 1.0.13
Martin Lambers Mpop 1.0.12
Martin Lambers Mpop 1.0.11
Martin Lambers Mpop 1.0.10
Martin Lambers Mpop 0.8.1
Martin Lambers Mpop 0.8.0
Martin Lambers Mpop 0.7.0
Martin Lambers Mpop 0.6.3
Martin Lambers Mpop 0.1.3
Martin Lambers Mpop 0.1.2
Martin Lambers Mpop 0.1.1
Martin Lambers Mpop 0.1.0
Martin Lambers Mpop 1.0.17
Martin Lambers Mpop 1.0.15
Martin Lambers Mpop 1.0.8
Martin Lambers Mpop 1.0.5
Martin Lambers Mpop 0.8.4
Martin Lambers Mpop 0.8.2
Martin Lambers Mpop 0.6.2
Martin Lambers Mpop 0.6.0
Martin Lambers Mpop 0.3.0
Martin Lambers Mpop 0.1.4
5
CVSSv2
CVE-2009-1387
The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL prior to 1.0.0 Beta 2 allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug.&q...
Openssl Openssl
Redhat Openssl 0.9.6-15
Redhat Openssl 0.9.6b-3
Redhat Openssl 0.9.7a-2
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
5
CVSSv2
CVE-2009-1378
Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and previous versions 0.9.8 versions allow remote malicious users to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have seque...
Openssl Openssl
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
5
CVSSv2
CVE-2009-1379
Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote malicious users to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated...
Openssl Openssl 1.0.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »