Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssl openssl 1.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2011-1468
Multiple memory leaks in the OpenSSL extension in PHP prior to 5.3.6 might allow remote malicious users to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt function or (2) ciphertext data to the openssl_decrypt function.
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.4.8
Php Php 4.4.9
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.4
Php Php 3.0.7
Php Php 3.0.8
Php Php 5.2.10
Php Php 5.2.13
Php Php 5.2.3
Php Php 5.2.14
Php Php 5.2.4
Php Php 5.1.3
2 EDB exploits
5
CVSSv2
CVE-2009-5057
The S/MIME feature in Open Ticket Request System (OTRS) prior to 2.3.4 does not configure the RANDFILE and HOME environment variables for OpenSSL, which might make it easier for remote malicious users to decrypt e-mail messages that had lower than intended entropy available for c...
Otrs Otrs 2.1.9
Otrs Otrs 2.1.1
Otrs Otrs 2.1.8
Otrs Otrs 2.1.3
Otrs Otrs 2.3.0
Otrs Otrs 2.2.0
Otrs Otrs 2.0.2
Otrs Otrs 2.0.3
Otrs Otrs 1.0.0
Otrs Otrs 0.5
Otrs Otrs 1.1
Otrs Otrs 2.0.5
Otrs Otrs 2.2.5
Otrs Otrs 2.0.0
Otrs Otrs 1.1.3
Otrs Otrs 1.2.0
Otrs Otrs 1.2.1
Otrs Otrs
Otrs Otrs 2.1.0
Otrs Otrs 2.1.5
Otrs Otrs 2.3.1
Otrs Otrs 2.3.2
5
CVSSv2
CVE-2008-7278
The S/MIME feature in Open Ticket Request System (OTRS) prior to 2.2.5, and 2.3.x prior to 2.3.0-beta1, does not properly configure the RANDFILE environment variable for OpenSSL, which might make it easier for remote malicious users to decrypt e-mail messages that had lower than ...
Otrs Otrs 2.1.2
Otrs Otrs 2.1.1
Otrs Otrs 2.1.8
Otrs Otrs 2.1.4
Otrs Otrs 2.1.3
Otrs Otrs 0.5
Otrs Otrs 1.0
Otrs Otrs 2.1.7
Otrs Otrs 2.0.0
Otrs Otrs 1.3.0
Otrs Otrs 2.0.1
Otrs Otrs 2.0.2
Otrs Otrs 2.2.0
Otrs Otrs 2.0.3
Otrs Otrs 1.1.1
Otrs Otrs 1.3.3
Otrs Otrs 1.1.0
Otrs Otrs 1.1.2
Otrs Otrs 1.2.0
Otrs Otrs 2.2.2
Otrs Otrs 2.2.3
Otrs Otrs
4.3
CVSSv2
CVE-2010-4180
OpenSSL prior to 0.9.8q, and 1.0.x prior to 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote malicious users to force the downgrade to an unintended cipher via vect...
Openssl Openssl
Fedoraproject Fedora 13
Fedoraproject Fedora 14
Debian Debian Linux 5.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
Suse Linux Enterprise Desktop 11
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 9
Opensuse Opensuse 11.4
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Server 10
Suse Linux Enterprise 11.0
F5 Nginx
5.8
CVSSv2
CVE-2009-3555
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and previous versions, OpenSSL prior to 0.9.8l, GnuTLS 2.8.5 and previous versions, Mozilla Network Security Ser...
Openssl Openssl 1.0
Apache Http Server
Openssl Openssl
Gnu Gnutls
Mozilla Nss
Debian Debian Linux 5.0
Canonical Ubuntu Linux 10.10
Fedoraproject Fedora 11
Fedoraproject Fedora 13
Debian Debian Linux 4.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 9.04
Debian Debian Linux 6.0
Fedoraproject Fedora 12
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Fedoraproject Fedora 14
F5 Nginx
2 EDB exploits
10 Github repositories
5
CVSSv2
CVE-2005-2969
The SSL/TLS server implementation in OpenSSL 0.9.7 prior to 0.9.7h and 0.9.8 prior to 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote malicious users t...
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.8
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7f
5
CVSSv2
CVE-2004-0079
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote malicious users to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
Cisco Firewall Services Module
Symantec Clientless Vpn Gateway 4400 5.0
Hp Apache-based Web Server 2.0.43.00
Cisco Firewall Services Module 1.1.3
Cisco Firewall Services Module 1.1.2
Hp Aaa Server
Cisco Firewall Services Module 1.1 \\(3.005\\)
Hp Apache-based Web Server 2.0.43.04
Cisco Firewall Services Module 2.1 \\(0.208\\)
Avaya Sg203 4.4
Hp Hp-ux 11.11
Redhat Enterprise Linux Desktop 3.0
Hp Hp-ux 11.23
Cisco Ciscoworks Common Management Foundation 2.1
Freebsd Freebsd 5.1
Avaya Sg208 4.4
Redhat Enterprise Linux 3.0
Avaya Sg200 4.4
Avaya Sg5 4.4
Redhat Linux 7.2
Cisco Ciscoworks Common Services 2.2
Openbsd Openbsd 3.3
5
CVSSv2
CVE-2004-0081
OpenSSL 0.9.6 prior to 0.9.6d does not properly handle unknown message types, which allows remote malicious users to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
Cisco Firewall Services Module 1.1.3
Cisco Firewall Services Module 1.1 \\(3.005\\)
Cisco Firewall Services Module
Cisco Firewall Services Module 1.1.2
Symantec Clientless Vpn Gateway 4400 5.0
Hp Apache-based Web Server 2.0.43.00
Hp Apache-based Web Server 2.0.43.04
Cisco Firewall Services Module 2.1 \\(0.208\\)
Hp Aaa Server
Cisco Ciscoworks Common Management Foundation 2.1
Cisco Ciscoworks Common Services 2.2
Avaya Sg208 4.4
Avaya Sg5 4.2
Avaya Sg5 4.3
Freebsd Freebsd 5.1
Hp Hp-ux 8.05
Openbsd Openbsd 3.3
Redhat Linux 8.0
Sco Openserver 5.0.6
Avaya Sg203 4.4
Avaya Sg208
Freebsd Freebsd 4.8
5
CVSSv2
CVE-2004-0112
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote malicious users to cause a denial of service (crash) via a crafted SSL/TLS handshak...
Cisco Firewall Services Module
Symantec Clientless Vpn Gateway 4400 5.0
Hp Apache-based Web Server 2.0.43.00
Cisco Firewall Services Module 1.1.3
Cisco Firewall Services Module 1.1.2
Hp Aaa Server
Cisco Firewall Services Module 1.1 \\(3.005\\)
Hp Apache-based Web Server 2.0.43.04
Cisco Firewall Services Module 2.1 \\(0.208\\)
Avaya Sg203 4.4
Hp Hp-ux 11.11
Redhat Enterprise Linux Desktop 3.0
Hp Hp-ux 11.23
Cisco Ciscoworks Common Management Foundation 2.1
Freebsd Freebsd 5.1
Avaya Sg208 4.4
Redhat Enterprise Linux 3.0
Avaya Sg200 4.4
Avaya Sg5 4.4
Redhat Linux 7.2
Cisco Ciscoworks Common Services 2.2
Openbsd Openbsd 3.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7