Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssl openssl 1.0.0i vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2014-3512
Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 prior to 1.0.1i allow remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid SRP (1) g, (2) A, or (3) B parameter...
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0b
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0k
6.8
CVSSv2
CVE-2014-3509
Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 prior to 1.0.0n and 1.0.1 prior to 1.0.1i, when multithreading and session resumption are used, allows remote SSL servers to cause a denial of service (memory overwrite and client application...
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0b
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0k
1 Github repository
4.3
CVSSv2
CVE-2014-3511
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 prior to 1.0.1i allows man-in-the-middle malicious users to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS version...
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0b
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0k
1 Github repository
4.3
CVSSv2
CVE-2014-3568
OpenSSL prior to 0.9.8zc, 1.0.0 prior to 1.0.0o, and 1.0.1 prior to 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote malicious users to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c.
Openssl Openssl
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0b
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0j
1 Article
4.3
CVSSv2
CVE-2016-0703
The get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL prior to 0.9.8zf, 1.0.0 prior to 1.0.0r, 1.0.1 prior to 1.0.1m, and 1.0.2 prior to 1.0.2a accepts a nonzero CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher, which allows man-in...
Openssl Openssl
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0b
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0j
2 Nmap scripts
4.3
CVSSv2
CVE-2016-0704
An oracle protection mechanism in the get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL prior to 0.9.8zf, 1.0.0 prior to 1.0.0r, 1.0.1 prior to 1.0.1m, and 1.0.2 prior to 1.0.2a overwrites incorrect MASTER-KEY bytes during use of export cipher sui...
Openssl Openssl
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0b
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0j
5
CVSSv2
CVE-2014-3506
d1_both.c in the DTLS implementation in OpenSSL 0.9.8 prior to 0.9.8zb, 1.0.0 prior to 1.0.0n, and 1.0.1 prior to 1.0.1i allows remote malicious users to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations correspondi...
Openssl Openssl 0.9.8
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8k
5
CVSSv2
CVE-2014-3507
Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 prior to 0.9.8zb, 1.0.0 prior to 1.0.0n, and 1.0.1 prior to 1.0.1i allows remote malicious users to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of...
Openssl Openssl 0.9.8
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8k
1 Github repository
5
CVSSv2
CVE-2014-3505
Double free vulnerability in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 prior to 0.9.8zb, 1.0.0 prior to 1.0.0n, and 1.0.1 prior to 1.0.1i allows remote malicious users to cause a denial of service (application crash) via crafted DTLS packets that trigger an error cond...
Openssl Openssl 0.9.8
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8k
4.3
CVSSv2
CVE-2014-3508
The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 prior to 0.9.8zb, 1.0.0 prior to 1.0.0n, and 1.0.1 prior to 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent malicious users to obt...
Openssl Openssl 0.9.8
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8k
1 Github repository
Preferred Score:
CVSSv2
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2024-13837
openanolis
shopwarden
mobatek
CVE-2024-13582
CVE-2025-25223
CVE-2025-24200
client side
CVE-2024-40591
CVE-2024-13627
type confusion
CSRF
softdiscover
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »