Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stunnel stunnel vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-20230
A flaw was found in stunnel prior to 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, which is not the one accepted by the...
Stunnel Stunnel
4.2
CVSSv3
CVE-2022-46174
efs-utils is a set of Utilities for Amazon Elastic File System (EFS). A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to r...
Amazon Efs-utils
Amazon Elastic File System Container Storage Interface Driver
NA
CVE-2015-3644
Stunnel 5.00 up to and including 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote malicious users to bypass authentication.
Stunnel Stunnel 5.13
Stunnel Stunnel 5.01
Stunnel Stunnel 5.06
Stunnel Stunnel 5.04
Stunnel Stunnel 5.02
Stunnel Stunnel 5.10
Stunnel Stunnel 5.12
Stunnel Stunnel 5.11
Stunnel Stunnel 5.09
Stunnel Stunnel 5.07
Stunnel Stunnel 5.00
Stunnel Stunnel 5.03
Stunnel Stunnel 5.08
Stunnel Stunnel 5.05
NA
CVE-2014-0016
stunnel prior to 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to use the same entropy pool and allows remote malicious users to obtain private ke...
Stunnel Stunnel 0.1
Stunnel Stunnel 4.21
Stunnel Stunnel 4.51
Stunnel Stunnel 1.2
Stunnel Stunnel 4.13
Stunnel Stunnel 2.0
Stunnel Stunnel 4.02
Stunnel Stunnel 4.20
Stunnel Stunnel 4.00
Stunnel Stunnel 4.45
Stunnel Stunnel 3.21c
Stunnel Stunnel 3.7
Stunnel Stunnel 4.07
Stunnel Stunnel 3.0
Stunnel Stunnel 4.09
Stunnel Stunnel 4.54
Stunnel Stunnel 3.8p1
Stunnel Stunnel 3.6
Stunnel Stunnel 4.52
Stunnel Stunnel 4.40
Stunnel Stunnel
Stunnel Stunnel 4.32
NA
CVE-2013-1762
stunnel 4.21 up to and including 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.
Stunnel Stunnel 4.21
Stunnel Stunnel 4.51
Stunnel Stunnel 4.45
Stunnel Stunnel 4.52
Stunnel Stunnel 4.40
Stunnel Stunnel 4.32
Stunnel Stunnel
Stunnel Stunnel 4.33
Stunnel Stunnel 4.48
Stunnel Stunnel 4.31
Stunnel Stunnel 4.37
Stunnel Stunnel 4.38
Stunnel Stunnel 4.50
Stunnel Stunnel 4.47
Stunnel Stunnel 4.22
Stunnel Stunnel 4.42
Stunnel Stunnel 4.53
Stunnel Stunnel 4.39
Stunnel Stunnel 4.24
Stunnel Stunnel 4.27
Stunnel Stunnel 4.41
Stunnel Stunnel 4.44
NA
CVE-2011-4354
crypto/bn/bn_nist.c in OpenSSL prior to 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curv...
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.7
Openssl Openssl 0.9.5
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.4
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8f
NA
CVE-2011-2940
stunnel 4.40 and 4.41 might allow remote malicious users to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Stunnel Stunnel 4.40
Stunnel Stunnel 4.41
NA
CVE-2010-3864
Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f up to and including 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote malicious users to execute arbitrary code via client data that triggers a heap-based...
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8k
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8l
Openssl Openssl 1.0.0
Openssl Openssl 0.9.8o
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8f
Openssl Openssl 1.0.0a
Openssl Openssl 0.9.8h
NA
CVE-2010-0433
The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL prior to 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote malicious users to cause a denial of service (NULL pointer derefe...
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.8e
Openssl Openssl
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8k
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8l
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.8
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.8h
NA
CVE-2008-2420
The OCSP functionality in stunnel prior to 4.24 does not properly search certificate revocation lists (CRL), which allows remote malicious users to bypass intended access restrictions by using revoked certificates.
Stunnel Stunnel 4.21
Stunnel Stunnel 4.13
Stunnel Stunnel 4.02
Stunnel Stunnel 4.20
Stunnel Stunnel 4.00
Stunnel Stunnel 3.21c
Stunnel Stunnel 3.7
Stunnel Stunnel 4.07
Stunnel Stunnel 4.09
Stunnel Stunnel 3.8p1
Stunnel Stunnel 3.6
Stunnel Stunnel 4.18
Stunnel Stunnel 4.15
Stunnel Stunnel 3.21b
Stunnel Stunnel 3.14
Stunnel Stunnel 3.4a
Stunnel Stunnel 3.22
Stunnel Stunnel 3.18
Stunnel Stunnel 3.20
Stunnel Stunnel 4.12
Stunnel Stunnel 4.04
Stunnel Stunnel 3.15
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »