CVE Daily
← All tags

Tag: OpenSSL

All CVEs associated with "OpenSSL". Page 4/5 • 553 CVEs.

Subscribe CVEs: RSS for “OpenSSL”  ·  RSS (High+Critical only)

About “OpenSSL”

A curated feed of “OpenSSL”-related CVEs appears below. We currently track 553 CVEs for this tag (all time). In the last 365 days, 92 were published. Average CVSS is 6.6 (all time; 7.0 over 365d), and 49% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-476 - NULL Pointer Dereference, CWE-427 - Uncontrolled Search Path Element, CWE-787 - Out-of-bounds Write.

In our taxonomy this topic maps to a MODERATE impact class. Crypto or TLS libraries have ecosystem wide impact. Upgrade, restart dependents, disable legacy protocols, and consider key rotation. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2015-03-19
Low

CVE-2015-1787

The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0.2 before 1.0.2a, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allows remote attackers to c…

CVSS: 2.6 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2015-0293

The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure…

CVSS: 5.0 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2015-0292

Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote a…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2015-0291

The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) by using an invalid signature_al…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2015-0290

The multi-block feature in the ssl3_write_bytes function in s3_pkt.c in OpenSSL 1.0.2 before 1.0.2a on 64-bit x86 platforms with AES NI support does not properly handle certain non-blocking I/O cases…

CVSS: 5.0 CWE: CWE-17 View on NVD
Medium

CVE-2015-0289

The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2015-0288

The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2015-0287

The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structur…

CVSS: 5.0 CWE: CWE-17 View on NVD
Medium

CVE-2015-0286

The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, whi…

CVSS: 5.0 CWE: CWE-17 View on NVD
Medium

CVE-2015-0285

The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 before 1.0.2a does not ensure that the PRNG is seeded before proceeding with a handshake, which makes it easier for remote attackers to de…

CVSS: 4.3 CWE: CWE-310 View on NVD
Medium

CVE-2015-0209

Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote at…

CVSS: 6.8 CWE: N/A View on NVD
Medium

CVE-2015-0208

The ASN.1 signature-verification implementation in the rsa_item_verify function in crypto/rsa/rsa_ameth.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (NULL poi…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2015-0207

The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 before 1.0.2a does not properly isolate the state information of independent data streams, which allows remote attackers to cause a denial of se…

CVSS: 5.0 CWE: N/A View on NVD
2015-01-09
Medium

CVE-2015-0206

Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (memory consumption) by sending…

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2015-0205

The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a Certific…

CVSS: 5.0 CWE: CWE-310 View on NVD
Medium

CVE-2015-0204

The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and fa…

CVSS: 4.3 CWE: CWE-310 View on NVD
Medium

CVE-2014-8275

OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-…

CVSS: 5.0 CWE: CWE-310 View on NVD
Medium

CVE-2014-3572

The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigge…

CVSS: 5.0 CWE: CWE-310 View on NVD
Medium

CVE-2014-3571

OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message t…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2014-3570

The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attac…

CVSS: 5.0 CWE: CWE-310 View on NVD
2014-12-24
Medium

CVE-2014-3569

The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denia…

CVSS: 5.0 CWE: N/A View on NVD
2014-10-29
Medium

CVE-2014-3694

The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of…

CVSS: 6.4 CWE: CWE-310 View on NVD
2014-10-19
Medium

CVE-2014-3568

OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SS…

CVSS: 4.3 CWE: CWE-310 View on NVD
High

CVE-2014-3567

Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consump…

CVSS: 7.1 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2014-3513

Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message.

CVSS: 7.1 CWE: CWE-20 - Improper Input Validation View on NVD
2014-10-15
Low

CVE-2014-3566

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a pad…

CVSS: 3.4 CWE: CWE-310 View on NVD
2014-08-13
Medium

CVE-2014-5139

The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a Se…

CVSS: 4.3 CWE: N/A View on NVD
High

CVE-2014-3512

Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have uns…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2014-3511

The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in comm…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2014-3510

The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote DTLS servers to cause a denial of service (NULL poi…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2014-3509

Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 before 1.0.0n and 1.0.1 before 1.0.1i, when multithreading and session resumption are used, allows remote SSL…

CVSS: 6.8 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
Medium

CVE-2014-3508

The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0'…

CVSS: 4.3 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
Medium

CVE-2014-3507

Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumpt…

CVSS: 5.0 CWE: CWE-399 View on NVD
Medium

CVE-2014-3506

d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafte…

CVSS: 5.0 CWE: CWE-399 View on NVD
Medium

CVE-2014-3505

Double free vulnerability in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (a…

CVSS: 5.0 CWE: N/A View on NVD
2014-06-05
Medium

CVE-2014-3470

The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers t…

CVSS: 4.3 CWE: CWE-476 - NULL Pointer Dereference View on NVD
High

CVE-2014-0224

OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a z…

CVSS: 7.4 CWE: CWE-326 - Inadequate Encryption Strength View on NVD
Medium

CVE-2014-0221

The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2014-0195

The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, w…

CVSS: 6.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2014-05-06
Medium

CVE-2014-0198

The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows…

CVSS: 4.3 CWE: CWE-476 - NULL Pointer Dereference View on NVD
2014-04-29
High

CVE-2013-7373

Android before 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging use of the PRNG within mu…

CVSS: 7.5 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2014-04-24
Medium

CVE-2014-2734

The openssl extension in Ruby 2.x does not properly maintain the state of process memory after a file is reopened, which allows remote attackers to spoof signatures within the context of a Ruby scrip…

CVSS: 5.8 CWE: CWE-399 View on NVD
2014-04-15
Medium

CVE-2014-0139

cURL and libcurl 7.1 before 7.36.0, when using the OpenSSL, axtls, qsossl or gskit libraries for TLS, recognize a wildcard IP address in the subject's Common Name (CN) field of an X.509 certificate,…

CVSS: 5.8 CWE: CWE-310 View on NVD
2014-04-14
Medium

CVE-2010-5298

Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denia…

CVSS: 4.0 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
2014-04-07
High

CVE-2014-0160

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process…

CVSS: 7.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
2014-03-25
Low

CVE-2014-0076

The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces…

CVSS: 1.9 CWE: CWE-310 View on NVD
2014-03-24
Medium

CVE-2014-0016

stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to u…

CVSS: 4.3 CWE: CWE-332 - Insufficient Entropy in PRNG View on NVD
2014-03-14
Low

CVE-2014-0017

The RAND_bytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator (PRNG), which causes the state to be shared be…

CVSS: 1.9 CWE: CWE-310 View on NVD
2014-03-05
Medium

CVE-2014-2234

A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier uses a Trust Evaluation Agent (TEA) feature without terminating certain TLS/SSL handshakes as specified in the SSL_CTX_set_verify ca…

CVSS: 6.4 CWE: CWE-20 - Improper Input Validation View on NVD
2014-01-17
Medium

CVE-2013-7295

Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms, does not properly generate random numbers for (1) rel…

CVSS: 4.0 CWE: CWE-310 View on NVD
2014-01-09
Medium

CVE-2013-4353

The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next P…

CVSS: 4.3 CWE: CWE-20 - Improper Input Validation View on NVD
2014-01-01
Medium

CVE-2013-6450

The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-t…

CVSS: 5.8 CWE: CWE-310 View on NVD
2013-12-23
Medium

CVE-2013-6449

The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (…

CVSS: 4.3 CWE: CWE-310 View on NVD
2013-12-17
High

CVE-2013-6420

The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2013-11-23
Medium

CVE-2013-4545

cURL and libcurl 7.18.0 through 7.32.0, when built with OpenSSL, disables the certificate CN and SAN name field verification (CURLOPT_SSL_VERIFYHOST) when the digital signature verification (CURLOPT_…

CVSS: 4.3 CWE: CWE-310 View on NVD
2013-08-18
Medium

CVE-2013-4248

The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Na…

CVSS: 4.3 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2013-4073

The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\0' character i…

CVSS: 6.8 CWE: CWE-310 View on NVD
2013-05-02
Medium

CVE-2013-2944

strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature.

CVSS: 4.9 CWE: CWE-287 - Improper Authentication View on NVD
2013-04-04
High

CVE-2013-1900

PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated us…

CVSS: 8.5 CWE: CWE-189 View on NVD
2013-03-05
Medium

CVE-2013-1415

The pkinit_check_kdc_pkid function in plugins/preauth/pkinit/pkinit_crypto_openssl.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 and 1…

CVSS: 5.0 CWE: CWE-476 - NULL Pointer Dereference View on NVD
2013-02-24
Medium

CVE-2012-6093

The QSslSocket::sslErrors function in Qt before 4.6.5, 4.7.x before 4.7.6, 4.8.x before 4.8.5, when using certain versions of openSSL, uses an "incompatible structure layout" that can read memory fro…

CVSS: 4.3 CWE: CWE-310 View on NVD
2013-02-08
Low

CVE-2013-0169

The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirem…

CVSS: 2.6 CWE: CWE-310 View on NVD
Medium

CVE-2013-0166

OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service…

CVSS: 5.0 CWE: CWE-310 View on NVD
Medium

CVE-2012-2686

crypto/evp/e_aes_cbc_hmac_sha1.c in the AES-NI functionality in the TLS 1.1 and 1.2 implementations in OpenSSL 1.0.1 before 1.0.1d allows remote attackers to cause a denial of service (application cr…

CVSS: 5.0 CWE: CWE-310 View on NVD
2013-01-19
Medium

CVE-2012-6113

The openssl_encrypt function in ext/openssl/openssl.c in PHP 5.3.9 through 5.3.13 does not initialize a certain variable, which allows remote attackers to obtain sensitive information from process me…

CVSS: 5.0 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2012-07-11
Medium

CVE-2011-4302

mnet/xmlrpc/client.php in MNET in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 does not properly process the return value of the openssl_verify function, which allows remote…

CVSS: 6.8 CWE: CWE-20 - Improper Input Validation View on NVD
2012-06-20
Medium

CVE-2011-5095

The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when FIPS mode is enabled, does not properly validate a public parameter, which makes it easier for man-in-the-middle attackers to obt…

CVSS: 4.0 CWE: CWE-310 View on NVD
2012-06-16
Medium

CVE-2011-1473

OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote attackers to cause a d…

CVSS: 5.0 CWE: CWE-264 View on NVD
2012-05-14
Medium

CVE-2012-2333

Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of serv…

CVSS: 6.8 CWE: CWE-189 View on NVD
2012-04-24
High

CVE-2012-2131

Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly…

CVSS: 7.5 CWE: CWE-189 View on NVD
2012-04-19
High

CVE-2012-2110

The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2012-03-15
Medium

CVE-2012-1165

The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application cra…

CVSS: 5.0 CWE: CWE-399 View on NVD
2012-03-13
Medium

CVE-2012-0884

The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for conte…

CVSS: 5.0 CWE: CWE-310 View on NVD
2012-02-29
Medium

CVE-2006-7250

The mime_hdr_cmp function in crypto/asn1/asn_mime.c in OpenSSL 0.9.8t and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S…

CVSS: 5.0 CWE: N/A View on NVD
2012-01-27
Medium

CVE-2011-4354

crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular redu…

CVSS: 5.8 CWE: CWE-310 View on NVD
2012-01-19
Medium

CVE-2012-0050

OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an out-of-bounds read. NO…

CVSS: 5.0 CWE: CWE-399 View on NVD
2012-01-06
Medium

CVE-2012-0027

The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted d…

CVSS: 5.0 CWE: CWE-399 View on NVD
Medium

CVE-2011-4619

The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of servi…

CVSS: 5.0 CWE: CWE-399 View on NVD
Medium

CVE-2011-4577

OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate…

CVSS: 4.3 CWE: CWE-399 View on NVD
Medium

CVE-2011-4576

The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive…

CVSS: 5.0 CWE: CWE-310 View on NVD
Critical

CVE-2011-4109

Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check.

CVSS: 9.3 CWE: CWE-399 View on NVD
Medium

CVE-2011-4108

The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a pad…

CVSS: 4.3 CWE: CWE-310 View on NVD
2011-09-22
Medium

CVE-2011-3210

The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows r…

CVSS: 5.0 CWE: CWE-399 View on NVD
Medium

CVE-2011-3207

crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value co…

CVSS: 5.0 CWE: CWE-264 View on NVD
2011-05-31
Low

CVE-2011-1945

The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly…

CVSS: 2.6 CWE: CWE-310 View on NVD
2011-03-20
Medium

CVE-2011-1468

Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 might allow remote attackers to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt functio…

CVSS: 4.3 CWE: CWE-399 View on NVD
2011-03-18
Medium

CVE-2009-5057

The S/MIME feature in Open Ticket Request System (OTRS) before 2.3.4 does not configure the RANDFILE and HOME environment variables for OpenSSL, which might make it easier for remote attackers to dec…

CVSS: 5.0 CWE: CWE-310 View on NVD
Medium

CVE-2008-7278

The S/MIME feature in Open Ticket Request System (OTRS) before 2.2.5, and 2.3.x before 2.3.0-beta1, does not properly configure the RANDFILE environment variable for OpenSSL, which might make it easi…

CVSS: 5.0 CWE: CWE-20 - Improper Input Validation View on NVD
2011-02-19
Medium

CVE-2011-0014

ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use…

CVSS: 5.0 CWE: CWE-399 View on NVD
2010-12-06
Medium

CVE-2008-7270

OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the use o…

CVSS: 4.3 CWE: CWE-310 View on NVD
High

CVE-2010-4252

OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared se…

CVSS: 7.5 CWE: CWE-287 - Improper Authentication View on NVD
Medium

CVE-2010-4180

OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows r…

CVSS: 4.3 CWE: N/A View on NVD
2010-11-17
High

CVE-2010-3864

Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to ex…

CVSS: 7.6 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
2010-11-15
Critical

CVE-2010-1378

OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows remote attackers to bypass X.509 certificate authentication via an arbitrary certificate issued by a…

CVSS: 9.8 CWE: CWE-295 - Improper Certificate Validation View on NVD
2010-08-17
Medium

CVE-2010-2939

Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dep…

CVSS: 4.3 CWE: CWE-399 View on NVD
2010-07-02
Medium

CVE-2010-2621

The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed…

CVSS: 5.0 CWE: CWE-20 - Improper Input Validation View on NVD
2010-06-03
Medium

CVE-2010-1633

RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which mi…

CVSS: 6.4 CWE: CWE-264 View on NVD
High

CVE-2010-0742

The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which al…

CVSS: 7.5 CWE: CWE-310 View on NVD
2010-03-26
Medium

CVE-2010-0740

The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a N…

CVSS: 5.0 CWE: CWE-20 - Improper Input Validation View on NVD
2010-03-05
Medium

CVE-2010-0928

OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signatu…

CVSS: 4.0 CWE: CWE-310 View on NVD
Medium

CVE-2010-0433

The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which…

CVSS: 4.3 CWE: CWE-20 - Improper Input Validation View on NVD
Critical

CVE-2009-3245

OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, wh…

CVSS: 10.0 CWE: CWE-20 - Improper Input Validation View on NVD
2010-01-14
Medium

CVE-2009-4355

Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consu…

CVSS: 5.0 CWE: CWE-399 View on NVD
2009-12-04
Critical

CVE-2009-4211

The U.S. Defense Information Systems Agency (DISA) Security Readiness Review (SRR) script for the Solaris x86 platform executes files in arbitrary directories as root for filenames equal to (1) java,…

CVSS: 9.3 CWE: CWE-264 View on NVD
2009-11-30
Medium

CVE-2009-4028

The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which al…

CVSS: 6.8 CWE: CWE-20 - Improper Input Validation View on NVD
2009-11-16
Medium

CVE-2009-3942

Martin Lambers msmtp before 1.4.19, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509…

CVSS: 6.4 CWE: CWE-310 View on NVD
Medium

CVE-2009-3941

Martin Lambers mpop before 1.0.19, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509…

CVSS: 5.0 CWE: CWE-310 View on NVD
2009-11-09
Critical

CVE-2009-3555

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9…

CVSS: 9.8 CWE: CWE-295 - Improper Certificate Validation View on NVD
2009-10-23
Medium

CVE-2009-3767

libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) fiel…

CVSS: 4.3 CWE: CWE-295 - Improper Certificate Validation View on NVD
Medium

CVE-2009-3766

mutt_ssl.c in mutt 1.5.16 and other versions before 1.5.19, when OpenSSL is used, does not verify the domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-…

CVSS: 6.8 CWE: CWE-310 View on NVD
Medium

CVE-2009-3765

mutt_ssl.c in mutt 1.5.19 and 1.5.20, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows ma…

CVSS: 6.8 CWE: CWE-310 View on NVD
2009-09-22
High

CVE-2009-3291

The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability t…

CVSS: 7.5 CWE: CWE-20 - Improper Input Validation View on NVD
2009-08-21
Medium

CVE-2009-2474

neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the…

CVSS: 5.8 CWE: CWE-326 - Inadequate Encryption Strength View on NVD
2009-08-14
High

CVE-2009-2417

lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate,…

CVSS: 7.5 CWE: CWE-310 View on NVD
2009-07-30
Medium

CVE-2009-2409

The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, whi…

CVSS: 5.1 CWE: CWE-295 - Improper Certificate Validation View on NVD
2009-06-16
Medium

CVE-2009-1390

Mutt 1.5.19, when linked against (1) OpenSSL (mutt_ssl.c) or (2) GnuTLS (mutt_ssl_gnutls.c), allows connections when only one TLS certificate in the chain is accepted instead of verifying the entire…

CVSS: 6.8 CWE: CWE-287 - Improper Authentication View on NVD
2009-06-04
Medium

CVE-2009-1387

The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an o…

CVSS: 5.0 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2009-1386

ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHell…

CVSS: 5.0 CWE: CWE-476 - NULL Pointer Dereference View on NVD
2009-05-19
Medium

CVE-2009-1379

Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) an…

CVSS: 5.0 CWE: CWE-399 View on NVD
Medium

CVE-2009-1378

Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consum…

CVSS: 5.0 CWE: CWE-401 - Missing Release of Memory after Effective Lifetime View on NVD