Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssl openssl 0.9.8c vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2008-3280
It was found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys, as a result of the Debian Predictable Random Number Generator (CVE-2008-0166). In combination with the DNS Cache Poisoning issue (CVE-2008-1447) and the fact that almost all SSL/TLS ...
Openid Openid -
1 EDB exploit
384
VMScore
CVE-2014-3508
The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 prior to 0.9.8zb, 1.0.0 prior to 1.0.0n, and 1.0.1 prior to 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent malicious users to obt...
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8m
Openssl Openssl 1.0.1
Openssl Openssl 0.9.8c
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1h
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8p
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8u
Openssl Openssl 0.9.8za
Openssl Openssl 1.0.1g
Openssl Openssl 0.9.8g
Openssl Openssl 1.0.0h
Openssl Openssl 0.9.8k
Openssl Openssl 0.9.8d
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
2 Github repositories
384
VMScore
CVE-2011-4108
The DTLS implementation in OpenSSL prior to 0.9.8s and 1.x prior to 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote malicious users to recover plaintext via a padding oracle attack.
Openssl Openssl 0.9.8o
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.7m
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.6j
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.6b
Openssl Openssl
Openssl Openssl 0.9.8k
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.6g
384
VMScore
CVE-2011-4577
OpenSSL prior to 0.9.8s and 1.x prior to 1.0.0f, when RFC 3779 support is enabled, allows remote malicious users to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous...
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.8l
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6
Openssl Openssl
Openssl Openssl 0.9.8q
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.8
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.6k
383
VMScore
CVE-2014-3510
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL 0.9.8 prior to 0.9.8zb, 1.0.0 prior to 1.0.0n, and 1.0.1 prior to 1.0.1i allows remote DTLS servers to cause a denial of service (NULL pointer dereference and client application crash) via a crafted handshake mess...
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8m
Openssl Openssl 1.0.1
Openssl Openssl 0.9.8c
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1h
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8p
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8u
Openssl Openssl 0.9.8za
Openssl Openssl 1.0.1g
Openssl Openssl 0.9.8g
Openssl Openssl 1.0.0h
Openssl Openssl 0.9.8k
Openssl Openssl 0.9.8d
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
1 Github repository
383
VMScore
CVE-2008-7270
OpenSSL prior to 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not prevent modification of the ciphersuite in the session cache, which allows remote malicious users to force the use of a disabled cipher via vectors involving sniffing network traffic to dis...
Openssl Openssl 0.9.4
Openssl Openssl 0.9.5
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.6j
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7m
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.8a
383
VMScore
CVE-2010-0433
The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL prior to 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote malicious users to cause a denial of service (NULL pointer derefe...
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.8e
Openssl Openssl
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8k
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8l
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.8
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.8h
383
VMScore
CVE-2006-4339
OpenSSL prior to 0.9.7, 0.9.7 prior to 0.9.7k, and 0.9.8 prior to 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote malicious users to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Open...
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7g
Openssl Openssl
Openssl Openssl 0.9.6g
Openssl Openssl 0.9.6j
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.6
Openssl Openssl 0.9.4
Openssl Openssl 0.9.5
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.3
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.8a
232
VMScore
CVE-2011-1945
The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and previous versions, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-...
Openssl Openssl 0.9.3a
Openssl Openssl 0.9.4
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6i
Openssl Openssl 1.0.0
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.7
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.5
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6g
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.6k
Openssl Openssl 0.9.6j
169
VMScore
CVE-2014-0076
The Montgomery ladder implementation in OpenSSL up to and including 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack.
Openssl Openssl 0.9.7
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.3
Openssl Openssl 0.9.8c
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 0.9.7c
Openssl Openssl 1.0.0
Openssl Openssl 0.9.5
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.6
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8u
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »