Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssl openssl vulnerabilities and exploits
(subscribe to this query)
NA
CVE-1999-0428
OpenSSL and SSLeay allow remote malicious users to reuse SSL sessions and bypass access controls.
Openssl Openssl
NA
CVE-2009-1377
The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and previous versions 0.9.8 versions allows remote malicious users to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka &q...
Openssl Openssl
4.9
CVSSv3
CVE-2022-4203
A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to con...
Openssl Openssl
7.5
CVSSv3
CVE-2022-3358
OpenSSL supports creating a custom cipher via the legacy EVP_CIPHER_meth_new() function and associated function calls. This function was deprecated in OpenSSL 3.0 and application authors are instead encouraged to use the new provider mechanism in order to implement custom ciphers...
Openssl Openssl
7.4
CVSSv3
CVE-2019-1543
ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 byt...
Openssl Openssl
14 Github repositories
5.3
CVSSv3
CVE-2019-1549
OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in ...
Openssl Openssl
5.3
CVSSv3
CVE-2023-5678
Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications...
Openssl Openssl
1 Github repository
7.5
CVSSv3
CVE-2023-0217
An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted so...
Openssl Openssl
NA
CVE-2002-0655
OpenSSL 0.9.6d and previous versions, and 0.9.7-beta2 and previous versions, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow malicious users to cause a denial of service and possibly execute arbitrary code.
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.6a
Oracle Application Server 1.0.2
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.7
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.3
Openssl Openssl 0.9.4
Openssl Openssl 0.9.5
Oracle Corporate Time Outlook Connector 3.1.1
Oracle Corporate Time Outlook Connector 3.1.2
Oracle Corporate Time Outlook Connector 3.3
Oracle Http Server 9.0.1
Oracle Application Server 1.0.2.2
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6b
Oracle Application Server
Oracle Application Server 1.0.2.1s
Oracle Corporate Time Outlook Connector 3.1
Oracle Http Server 9.2.0
NA
CVE-2002-0656
Buffer overflows in OpenSSL 0.9.6d and previous versions, and 0.9.7-beta2 and previous versions, allow remote malicious users to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3.
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.6b
Openssl Openssl 0.9.6c
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.3
Oracle Application Server 1.0.2.1s
Oracle Application Server 1.0.2.2
Oracle Corporate Time Outlook Connector 3.1
Oracle Corporate Time Outlook Connector 3.1.1
Openssl Openssl 0.9.4
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.7
Oracle Application Server 1.0.2
Oracle Corporate Time Outlook Connector 3.1.2
Oracle Http Server 9.0.1
Openssl Openssl 0.9.5
Openssl Openssl 0.9.6
Oracle Application Server
Oracle Corporate Time Outlook Connector 3.3
Oracle Http Server 9.2.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »