Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssl project vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-49210
The openssl (aka node-openssl) NPM package up to and including 2.0.0 was characterized as "a nonsense wrapper with no real purpose" by its author, and accepts an opts argument that contains a verb field (used for command execution). NOTE: This vulnerability only affects...
Node-openssl Project Node-openssl
445
VMScore
CVE-2017-16064
node-openssl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Node-openssl Project Node-openssl
668
VMScore
CVE-2018-20997
An issue exists in the openssl crate prior to 0.10.9 for Rust. A use-after-free occurs in CMS Signing.
Rust-openssl Project Rust-openssl
1 Github repository
605
VMScore
CVE-2016-10931
An issue exists in the openssl crate prior to 0.9.0 for Rust. There is an SSL/TLS man-in-the-middle vulnerability because certificate verification is off by default and there is no API for hostname verification.
Rust-openssl Project Rust-openssl
1 Github repository
570
VMScore
CVE-2020-9433
openssl_x509_check_email in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.
Lua-openssl Project Lua-openssl 0.7.7-1
570
VMScore
CVE-2020-9434
openssl_x509_check_ip_asc in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.
Lua-openssl Project Lua-openssl 0.7.7-1
570
VMScore
CVE-2020-9432
openssl_x509_check_host in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.
Lua-openssl Project Lua-openssl 0.7.7-1
169
VMScore
CVE-2014-0076
The Montgomery ladder implementation in OpenSSL up to and including 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack.
Openssl Openssl 0.9.7
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.3
Openssl Openssl 0.9.8c
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 0.9.7c
Openssl Openssl 1.0.0
Openssl Openssl 0.9.5
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.6
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8u
1 Github repository
516
VMScore
CVE-2011-4354
crypto/bn/bn_nist.c in OpenSSL prior to 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curv...
Openssl Openssl 0.9.8
Openssl Openssl 0.9.8a
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.3
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6g
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.6k
Openssl Openssl 0.9.7
Openssl Openssl 0.9.7m
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.7h
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.3a
Openssl Openssl 0.9.4
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6f
Openssl Openssl 0.9.8f
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.5
445
VMScore
CVE-2013-0166
OpenSSL prior to 0.9.8y, 1.0.0 prior to 1.0.0k, and 1.0.1 prior to 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.
Openssl Openssl 0.9.7
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.3
Openssl Openssl 0.9.8c
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.5
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.6
Openssl Openssl 1.0.1c
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8u
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »