Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssl openssl vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2008-1672
OpenSSL 0.9.8f and 0.9.8g allows remote malicious users to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses "particular cipher suites," which triggers a NULL pointer dereference.
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.8g
Canonical Ubuntu Linux 8.04
445
VMScore
CVE-2003-0147
OpenSSL does not use RSA blinding by default, which allows local and remote malicious users to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different inte...
Openpkg Openpkg 1.2
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.7
Stunnel Stunnel 3.15
Stunnel Stunnel 3.16
Stunnel Stunnel 3.7
Stunnel Stunnel 3.8
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.6d
Stunnel Stunnel 3.11
Stunnel Stunnel 3.12
Stunnel Stunnel 3.19
Stunnel Stunnel 3.20
Stunnel Stunnel 4.01
Stunnel Stunnel 4.02
Openpkg Openpkg
Openpkg Openpkg 1.1
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6g
Stunnel Stunnel 3.13
520
VMScore
CVE-2019-1543
ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 byt...
Openssl Openssl
14 Github repositories
NA
CVE-2022-4203
A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to con...
Openssl Openssl
NA
CVE-2023-0466
The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to p...
Openssl Openssl
NA
CVE-2022-3996
If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy process...
Openssl Openssl
1 Github repository
107
VMScore
CVE-2007-3108
The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and previous versions does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.
Openssl Openssl
NA
CVE-2023-0217
An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted so...
Openssl Openssl
NA
CVE-2023-1255
Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM platform contains a bug that could cause it to read past the input buffer, leading to a crash. Impact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM platform can crash in rare circu...
Openssl Openssl
NA
CVE-2023-4807
Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X86_64 processors supporting the AVX512-IFMA instructions. Impact summary: If in an a...
Openssl Openssl
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »