Filters
OpenSSL OpenSSLThe SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CB…
4.3
First published (updated )
OpenSSL OpenSSLIt was found that an attacker could force OpenSSL to leak memory and never free it via DTLS packets.…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
OpenSSL OpenSSLA vulnerability in the processing of DTLS handshake messages was found that results in large amounts…
First published (updated )
OpenSSL OpenSSLThe Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap ope…
1.9
First published (updated )
OpenSSL OpenSSLInteger underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1…
6.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
OpenSSL OpenSSLThe implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1.…
First published (updated )
OpenSSL OpenSSLNull Pointer Dereference
First published (updated )
OpenSSL OpenSSLThe GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST bl…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
OpenSSL OpenSSLOpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attacke…
4.3
First published (updated )
OpenSSL OpenSSLThe SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initiali…
First published (updated )
OpenSSL OpenSSLThe DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if …
4.3
First published (updated )
OpenSSL OpenSSLThe Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f do…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
OpenSSL OpenSSLcrypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other produ…
5.8
First published (updated )
OpenSSL OpenSSLThe ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e…
First published (updated )
OpenSSL OpenSSLThe elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Cur…
2.6
First published (updated )
OpenSSL OpenSSLOpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not prevent mod…
4.3
First published (updated )
OpenSSL OpenSSLOpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in t…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
OpenSSL OpenSSLThe Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9…
7.5
First published (updated )
OpenSSL OpenSSLInput Validation, Null Pointer Dereference
4.3
First published (updated )
OpenSSL OpenSSLMemory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earli…
First published (updated )
GNU GnuTLSThe Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 a…
5.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
OpenSSL OpenSSLMultiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0…
First published (updated )
OpenSSL OpenSSLOpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
OpenSSL OpenSSLOff-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers t…
9.3
First published (updated )
OpenSSL OpenSSLOff-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up …
6.8
First published (updated )
OpenSSL OpenSSLOpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of ser…
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
OpenSSL OpenSSLOpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a d…
7.8
First published (updated )
OpenSSL OpenSSLOpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with expon…
4.3
First published (updated )