Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssl openssl 1.0.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2011-3207
crypto/x509/x509_vfy.c in OpenSSL 1.0.x prior to 1.0.0e does not initialize certain structure members, which makes it easier for remote malicious users to bypass CRL validation by using a nextUpdate value corresponding to a time in the past.
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0b
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0d
5
CVSSv2
CVE-2009-1379
Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote malicious users to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated...
Openssl Openssl 1.0.0
1 EDB exploit
6.4
CVSSv2
CVE-2010-1633
RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x prior to 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent malicious users to bypass intended key requirements...
Openssl Openssl 1.0.0
7.6
CVSSv2
CVE-2010-3864
Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f up to and including 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote malicious users to execute arbitrary code via client data that triggers a heap-based...
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8k
Openssl Openssl 0.9.8l
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8o
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0a
5
CVSSv2
CVE-2011-0014
ssl/t1_lib.c in OpenSSL 0.9.8h up to and including 0.9.8q and 1.0.0 up to and including 1.0.0c allows remote malicious users to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake mes...
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8k
Openssl Openssl 0.9.8l
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8o
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.8q
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0a
7.5
CVSSv2
CVE-2014-3512
Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 prior to 1.0.1i allow remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter...
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0b
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0k
6.8
CVSSv2
CVE-2014-3509
Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 prior to 1.0.0n and 1.0.1 prior to 1.0.1i, when multithreading and session resumption are used, allows remote SSL servers to cause a denial of service (memory overwrite and client application...
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0b
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0k
1 Github repository
4.3
CVSSv2
CVE-2014-3511
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 prior to 1.0.1i allows man-in-the-middle malicious users to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS version...
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0b
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0k
1 Github repository
5
CVSSv2
CVE-2011-3210
The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 up to and including 0.9.8r and 1.0.x prior to 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows remote malicious users to cause a denial of service (daemon crash) v...
Openssl Openssl 0.9.8
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8k
4.3
CVSSv2
CVE-2014-3568
OpenSSL prior to 0.9.8zc, 1.0.0 prior to 1.0.0o, and 1.0.1 prior to 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote malicious users to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c.
Openssl Openssl
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0b
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0j
1 Article
Preferred Score:
CVSSv2
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2024-13837
openanolis
shopwarden
mobatek
CVE-2024-13582
CVE-2025-25223
CVE-2025-24200
client side
CVE-2024-40591
CVE-2024-13627
type confusion
CSRF
softdiscover
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »