Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssl vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-41116
Composer is an open source dependency manager for the PHP language. In affected versions windows users running Composer to install untrusted dependencies are subject to command injection and should upgrade their composer version. Other OSs and WSL are not affected. The issue has ...
Getcomposer Composer
Tenable Tenable.sc
7.5
CVSSv2
CVE-2021-3711
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" paramete...
Openssl Openssl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Storage Encryption -
Netapp E-series Santricity Os Controller
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Jd Edwards World Security A9.4
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Session Border Controller 8.4
Oracle Enterprise Communications Broker 3.2.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Peoplesoft Enterprise Peopletools 8.59
1 Github repository
1 Article
7.5
CVSSv2
CVE-2020-28017
Exim 4 prior to 4.94.2 allows Integer Overflow to Buffer Overflow in receive_add_recipient via an e-mail message with fifty million recipients. NOTE: remote exploitation may be difficult because of resource consumption.
Exim Exim
2 Github repositories
7.5
CVSSv2
CVE-2020-28018
Exim 4 prior to 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL.
Exim Exim
2 Github repositories
7.5
CVSSv2
CVE-2020-25179
GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network.
Gehealthcare 3.0t Signa Hdxt Firmware -
Gehealthcare 3.0t Signa Hd 16 Firmware -
Gehealthcare 3.0t Signa Hd 23 Firmware -
Gehealthcare 1.5t Brivo Mr355 Firmware -
Gehealthcare Optima Mr360 Firmware -
Gehealthcare Signa Hdi 1.5t Firmware -
Gehealthcare Signa Vibrant Firmware -
Gehealthcare Logiq 5 Bt03 Firmware -
Gehealthcare Logiq 7 Bt03 Firmware -
Gehealthcare Logiq 7 Bt04 Firmware -
Gehealthcare Logiq 7 Bt06 Firmware -
Gehealthcare Logiq 9 Bt02 Firmware -
Gehealthcare Logiq 9 Bt03 Firmware -
Gehealthcare Logiq 9 Bt04 Firmware -
Gehealthcare Logiq 9 Bt06 Firmware -
Gehealthcare Vivid I Bt06 Firmware -
Gehealthcare Vivid 7 Bt02 Firmware -
Gehealthcare Vivid 7 Bt06 Firmware -
Gehealthcare Echopac Bt06 Firmware -
Gehealthcare Image Vault Firmware -
Gehealthcare Voluson 730 Bt05 Firmware -
Gehealthcare Voluson 730 Bt08 Firmware -
1 Article
7.5
CVSSv2
CVE-2020-13417
An Elevation of Privilege issue exists in Aviatrix VPN Client prior to 2.10.7, because of an incomplete fix for CVE-2020-7224. This affects Linux, macOS, and Windows installations for certain OpenSSL parameters.
Aviatrix Controller
Aviatrix Gateway
Aviatrix Vpn Client
7.5
CVSSv2
CVE-2020-7224
The Aviatrix OpenVPN client up to and including 2.5.7 on Linux, macOS, and Windows is vulnerable when OpenSSL parameters are altered from the issued value set; the parameters could allow unauthorized third-party libraries to load.
Aviatrix Openvpn
7.5
CVSSv2
CVE-2011-4121
The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to be used for private RSA key generation. A remote attacker could use this flaw to bypass or corrupt integrity of services, depending on stron...
Ruby-lang Ruby
7.5
CVSSv2
CVE-2019-10211
Postgresql Windows installer prior to 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via bundled OpenSSL executing code from unprotected directory.
Postgresql Postgresql
7.5
CVSSv2
CVE-2018-20997
An issue exists in the openssl crate prior to 0.10.9 for Rust. A use-after-free occurs in CMS Signing.
Rust-openssl Project Rust-openssl
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »