Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssl openssl 0.9.6 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-0653
OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote malicious users to spoof the certificates of trusted sites via a man-in-the-middle attack, a related issue to CVE-2002-0970.
Openssl Openssl 0.9.6
NA
CVE-2003-0131
The SSL and TLS components for OpenSSL 0.9.6i and previous versions, 0.9.7, and 0.9.7a allow remote malicious users to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padd...
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6g
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.6d
NA
CVE-2001-1141
The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL prior to 0.9.6b allows malicious users to use the output of small PRNG requests to determine the internal state information, which could be used by malicious users to predict future pseudo-random numbers.
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.2b
Ssleay Ssleay 0.9
Ssleay Ssleay 0.9.1
Openssl Openssl 0.9.3
Openssl Openssl 0.9.4
Openssl Openssl 0.9.5
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6a
Ssleay Ssleay 0.8.1
NA
CVE-2009-4355
Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and previous versions and 1.0.0 Beta through Beta 4 allows remote malicious users to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cl...
Openssl Openssl
Openssl Openssl 0.9.8k
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7e
Redhat Openssl 0.9.7a-2
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.5
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.8h
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.7a
NA
CVE-2005-1797
The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote malicious users to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations.
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.3
Openssl Openssl 0.9.4
Openssl Openssl 0.9.6j
Openssl Openssl 0.9.6k
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.7
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.5
Openssl Openssl 0.9.6
NA
CVE-2012-2110
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL prior to 0.9.8v, 1.0.0 prior to 1.0.0i, and 1.0.1 prior to 1.0.1a does not properly interpret integer data, which allows remote malicious users to conduct buffer overflow attacks, and cause a denial of service (m...
Openssl Openssl 1.0.0
Openssl Openssl 1.0.0a
Openssl Openssl 1.0.0g
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0b
Openssl Openssl
Openssl Openssl 0.9.8r
Openssl Openssl 0.9.8q
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.6m
1 EDB exploit
NA
CVE-2004-0975
The der_chop script in the openssl package in Trustix Secure Linux 1.5 up to and including 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.
Mandrakesoft Mandrake Multi Network Firewall 8.2
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.6g
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.6k
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.6j
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6m
Openssl Openssl 0.9.7c
Mandrakesoft Mandrake Linux 9.2
Mandrakesoft Mandrake Linux Corporate Server 2.1
Mandrakesoft Mandrake Linux 10.0
Mandrakesoft Mandrake Linux 10.1
Gentoo Linux
NA
CVE-2012-2333
Integer underflow in OpenSSL prior to 0.9.8x, 1.0.0 prior to 1.0.0j, and 1.0.1 prior to 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote malicious users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via ...
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.8g
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.8h
Openssl Openssl
Openssl Openssl 0.9.8v
Openssl Openssl 0.9.8q
Openssl Openssl 0.9.8o
Openssl Openssl 0.9.8i
Openssl Openssl 0.9.8j
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7g
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.6e
Redhat Openssl 0.9.6-15
Openssl Openssl 0.9.8u
Openssl Openssl 0.9.8t
Openssl Openssl 0.9.8s
NA
CVE-2006-2940
OpenSSL 0.9.7 prior to 0.9.7l, 0.9.8 prior to 0.9.8d, and previous versions versions allows malicious users to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certif...
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7b
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7k
Openssl Openssl 0.9.8
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.6e
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.3a
Openssl Openssl 0.9.6f
NA
CVE-2006-4339
OpenSSL prior to 0.9.7, 0.9.7 prior to 0.9.7k, and 0.9.8 prior to 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote malicious users to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Open...
Openssl Openssl 0.9.7f
Openssl Openssl 0.9.7g
Openssl Openssl
Openssl Openssl 0.9.6g
Openssl Openssl 0.9.6j
Openssl Openssl 0.9.6l
Openssl Openssl 0.9.6
Openssl Openssl 0.9.4
Openssl Openssl 0.9.5
Openssl Openssl 0.9.7a
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.7i
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.6h
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.3
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.7d
Openssl Openssl 0.9.7e
Openssl Openssl 0.9.8a
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »