Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elliptic project vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2010-5298
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL up to and including 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote malicious users to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL conn...
Openssl Openssl
Mariadb Mariadb
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Suse Linux Enterprise Server 12
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Desktop 12
Suse Linux Enterprise Workstation Extension 12
1 Article
5
CVSSv2
CVE-2014-1498
The crypto.generateCRMFRequest method in Mozilla Firefox prior to 28.0 and SeaMonkey prior to 2.25 does not properly validate a certain key type, which allows remote malicious users to cause a denial of service (application crash) via vectors that trigger generation of a key that...
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Software Development Kit 11
Oracle Solaris 11.3
Opensuse Opensuse 13.1
Opensuse Project Opensuse 12.3
Opensuse Project Opensuse 11.4
Mozilla Seamonkey
Mozilla Firefox
5.8
CVSSv2
CVE-2011-4354
crypto/bn/bn_nist.c in OpenSSL prior to 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curv...
Openssl Openssl 0.9.8
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.3
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6g
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.6k
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7m
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.3a
Openssl Openssl 0.9.4
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.5
4.3
CVSSv2
CVE-2011-4108
The DTLS implementation in OpenSSL prior to 0.9.8s and 1.x prior to 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote malicious users to recover plaintext via a padding oracle attack.
Openssl Openssl 0.9.8o
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.7m
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.6j
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.6b
Openssl Openssl
Openssl Openssl 0.9.8k
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.6g
5
CVSSv2
CVE-2011-4576
The SSL 3.0 implementation in OpenSSL prior to 0.9.8s and 1.x prior to 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote malicious users to obtain sensitive information by decrypting the padding data sent by an SSL peer.
Openssl Openssl
Openssl Openssl 0.9.8q
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.4
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.8o
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8
Openssl Openssl 0.9.7m
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7d
5
CVSSv2
CVE-2011-4619
The Server Gated Cryptography (SGC) implementation in OpenSSL prior to 0.9.8s and 1.x prior to 1.0.0f does not properly handle handshake restarts, which allows remote malicious users to cause a denial of service (CPU consumption) via unspecified vectors.
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.8l
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.6g
Openssl Openssl 0.9.6
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.8q
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8
Openssl Openssl 0.9.7m
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.6k
9.3
CVSSv2
CVE-2011-4109
Double free vulnerability in OpenSSL 0.9.8 prior to 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote malicious users to have an unspecified impact by triggering failure of a policy check.
Openssl Openssl 0.9.8r
Openssl Openssl 0.9.8q
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8l
Openssl Openssl 0.9.8k
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.8o
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8
1 Article
2.6
CVSSv2
CVE-2011-1945
The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and previous versions, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-...
Openssl Openssl 0.9.3a
Openssl Openssl 0.9.4
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6i
Openssl Openssl 1.0.0
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.7
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.5
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6g
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.6k
Openssl Openssl 0.9.6j
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5