openssl project vulnerabilities and exploits
3.5
CVSSv2
CVE-2021-32489
An issue exists in the _send_secure_msg() function of Yubico yubihsm-shell up to and including 2.0.3. The function does not correctly validate the embedded length field of an authenticated message received from the device because response_msg.st.len=8 can be accepted but triggers...
4.3
CVSSv2
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Netapp Cloud Volumes Ontap Mediator -
Netapp E-series Performance Analyzer -
Tenable Tenable.sc
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Fedoraproject Fedora 34
5 Github repositories
1 Article
5.8
CVSSv2
CVE-2021-3450
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve paramet...
Openssl Openssl
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider Firmware -
Netapp Storagegrid Firmware -
Windriver Linux -
Windriver Linux 18.0
Windriver Linux 19.0
Windriver Linux 17.0
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Volumes Ontap Mediator -
Fedoraproject Fedora 34
Tenable Nessus Agent
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Oracle Jd Edwards World Security A9.4
Oracle Weblogic Server 12.2.1.4.0
1 Github repository
1 Article
6.8
CVSSv2
CVE-2009-0642
ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check the return value from the OCSP_basic_verify function, which might allow remote malicious users to successfully present an invalid X.509 certificate, possibly involving a revoked certificate.
Ruby-lang Ruby 1.9
Ruby-lang Ruby 1.8
7.5
CVSSv2
CVE-2012-2388
The GMP Plugin in strongSwan 4.2.0 up to and including 4.6.3 allows remote malicious users to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."
Strongswan Strongswan 4.2.16
Strongswan Strongswan 4.2.9
Strongswan Strongswan 4.2.6
Strongswan Strongswan 4.2.15
Strongswan Strongswan 4.2.1
Strongswan Strongswan 4.3.2
Strongswan Strongswan 4.6.0
Strongswan Strongswan 4.6.1
Strongswan Strongswan 4.4.1
Strongswan Strongswan 4.2.11
Strongswan Strongswan 4.2.10
Strongswan Strongswan 4.2.5
Strongswan Strongswan 4.2.0
Strongswan Strongswan 4.3.5
Strongswan Strongswan 4.4.0
Strongswan Strongswan 4.5.1
Strongswan Strongswan 4.5.0
Strongswan Strongswan 4.2.13
Strongswan Strongswan 4.2.12
Strongswan Strongswan 4.2.3
Strongswan Strongswan 4.2.4
Strongswan Strongswan 4.3.4
7.5
CVSSv2
CVE-2012-0036
curl and libcurl 7.2x prior to 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows remote malicious users to conduct data-injection attacks via a crafted URL, as demonstrated by a CRLF injection attack on the (1) IMAP, (2) P...
Curl Curl 7.21.1
Curl Curl 7.21.2
Curl Curl 7.23.0
Curl Curl 7.23.1
Curl Curl 7.20.1
Curl Curl 7.21.0
Curl Curl 7.21.7
Curl Curl 7.22.0
Curl Curl 7.21.3
Curl Curl 7.21.4
Curl Curl 7.20.0
Curl Curl 7.21.5
Curl Curl 7.21.6
Curl Libcurl 7.21.3
Curl Libcurl 7.21.4
Curl Libcurl 7.21.1
Curl Libcurl 7.21.2
Curl Libcurl 7.23.1
Curl Libcurl 7.20.0
Curl Libcurl 7.21.5
Curl Libcurl 7.21.6
Curl Libcurl 7.21.7
5
CVSSv2
CVE-2005-2532
OpenVPN prior to 2.0.1 does not properly flush the OpenSSL error queue when a packet can not be decrypted by the server, which allows remote authenticated malicious users to cause a denial of service (client disconnection) via a large number of packets that can not be decrypted.
Openvpn Openvpn 2.0.1 Rc1
Openvpn Openvpn 2.0.1 Rc2
Openvpn Openvpn 2.0.1 Rc3
Openvpn Openvpn 2.0.1 Rc4
Openvpn Openvpn 2.0 Beta19
Openvpn Openvpn 2.0 Beta2
Openvpn Openvpn 2.0 Beta20
Openvpn Openvpn 2.0 Beta28
Openvpn Openvpn 2.0 Rc15
Openvpn Openvpn 2.0 Rc16
Openvpn Openvpn 2.0 Rc17
Openvpn Openvpn 2.0 Rc18
Openvpn Openvpn 2.0 Test11
Openvpn Openvpn 2.0 Test12
Openvpn Openvpn 2.0 Test14
Openvpn Openvpn 2.0 Test15
Openvpn Openvpn 2.0 Test29
Openvpn Openvpn 2.0 Test3
Openvpn Openvpn 2.0 Test5
Openvpn Openvpn 2.0 Test6
Openvpn Openvpn 2.0 Test7
Openvpn Openvpn 2.0 Beta10
5
CVSSv2
CVE-2005-2531
OpenVPN prior to 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote ...
Openvpn Openvpn 2.0 Beta10
Openvpn Openvpn 2.0 Beta11
Openvpn Openvpn 2.0 Beta12
Openvpn Openvpn 2.0 Beta13
Openvpn Openvpn 2.0 Beta7
Openvpn Openvpn 2.0 Beta8
Openvpn Openvpn 2.0 Beta9
Openvpn Openvpn 2.0 Rc1
Openvpn Openvpn 2.0 Rc10
Openvpn Openvpn 2.0 Rc3
Openvpn Openvpn 2.0 Rc4
Openvpn Openvpn 2.0 Rc5
Openvpn Openvpn 2.0 Rc6
Openvpn Openvpn 2.0 Test2
Openvpn Openvpn 2.0 Test20
Openvpn Openvpn 2.0 Test21
Openvpn Openvpn 2.0 Test22
Openvpn Openvpn 2.0
Openvpn Openvpn 2.0.1 Rc1
Openvpn Openvpn 2.0.1 Rc2
Openvpn Openvpn 2.0.1 Rc3
Openvpn Openvpn 2.0 Beta19
5.8
CVSSv2
CVE-2014-0139
cURL and libcurl 7.1 prior to 7.36.0, when using the OpenSSL, axtls, qsossl or gskit libraries for TLS, recognize a wildcard IP address in the subject's Common Name (CN) field of an X.509 certificate, which might allow man-in-the-middle malicious users to spoof arbitrary SSL...
Haxx Curl 7.12.0
Haxx Curl 7.12.1
Haxx Curl 7.15.0
Haxx Curl 7.15.1
Haxx Curl 7.16.2
Haxx Curl 7.16.3
Haxx Curl 7.19.0
Haxx Curl 7.19.1
Haxx Curl 7.20.1
Haxx Curl 7.21.0
Haxx Curl 7.21.7
Haxx Curl 7.22.0
Haxx Curl 7.28.0
Haxx Curl 7.28.1
Haxx Libcurl 7.10.7
Haxx Curl 7.10.8
Haxx Curl 7.11.0
Haxx Curl 7.13.0
Haxx Curl 7.13.1
Haxx Curl 7.13.2
Haxx Curl 7.15.4
Haxx Curl 7.15.5
4.3
CVSSv2
CVE-2011-3389
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle malicious users...
Opera Opera Browser -
Microsoft Internet Explorer -
Microsoft Windows -
Google Chrome -
Mozilla Firefox -
Siemens Simatic Rf68xr Firmware
Siemens Simatic Rf615r Firmware
Haxx Curl
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server Aus 6.2
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Eus 6.2
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 10.04
2 Github repositories
1 Article