Vulnerabilities (CVE)

Filtered by vendor Openssl Subscribe
Total 255 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-6306 6 Canonical, Debian, Hp and 3 more 9 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 6 more 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.
CVE-2016-6305 1 Openssl 1 Openssl 2024-11-21 5.0 MEDIUM 7.5 HIGH
The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 before 1.1.0a allows remote attackers to cause a denial of service (infinite loop) by triggering a zero-length record in an SSL_peek call.
CVE-2016-6304 3 Nodejs, Novell, Openssl 3 Node.js, Suse Linux Enterprise Module For Web Scripting, Openssl 2024-11-21 7.8 HIGH 7.5 HIGH
Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.
CVE-2016-6303 2 Nodejs, Openssl 2 Node.js, Openssl 2024-11-21 7.5 HIGH 9.8 CRITICAL
Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.
CVE-2016-6302 2 Openssl, Oracle 3 Openssl, Linux, Solaris 2024-11-21 5.0 MEDIUM 7.5 HIGH
The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.
CVE-2016-2842 1 Openssl 1 Openssl 2024-11-21 10.0 HIGH 9.8 CRITICAL
The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not verify that a certain memory allocation succeeds, which allows remote attackers to cause a denial of service (out-of-bounds write or memory consumption) or possibly have unspecified other impact via a long string, as demonstrated by a large amount of ASN.1 data, a different vulnerability than CVE-2016-0799.
CVE-2016-2183 6 Cisco, Nodejs, Openssl and 3 more 9 Content Security Management Appliance, Node.js, Openssl and 6 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.
CVE-2016-2182 3 Hp, Openssl, Oracle 6 Icewall Federation Agent, Icewall Mcrp, Icewall Sso and 3 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.
CVE-2016-2181 2 Openssl, Oracle 2 Openssl, Linux 2024-11-21 5.0 MEDIUM 7.5 HIGH
The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service (false-positive packet drops) via spoofed DTLS records, related to rec_layer_d1.c and ssl3_record.c.
CVE-2016-2180 2 Openssl, Oracle 2 Openssl, Linux 2024-11-21 5.0 MEDIUM 7.5 HIGH
The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted time-stamp file that is mishandled by the "openssl ts" command.
CVE-2016-2179 2 Openssl, Oracle 2 Openssl, Linux 2024-11-21 5.0 MEDIUM 7.5 HIGH
The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c.
CVE-2016-2178 6 Canonical, Debian, Nodejs and 3 more 7 Ubuntu Linux, Debian Linux, Node.js and 4 more 2024-11-21 2.1 LOW 5.5 MEDIUM
The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.
CVE-2016-2177 3 Hp, Openssl, Oracle 6 Icewall Mcrp, Icewall Sso, Icewall Sso Agent Option and 3 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.
CVE-2016-2176 1 Openssl 1 Openssl 2024-11-21 6.4 MEDIUM 8.2 HIGH
The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service (buffer over-read) via crafted EBCDIC ASN.1 data.
CVE-2016-2109 2 Openssl, Redhat 8 Openssl, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 5 more 2024-11-21 7.8 HIGH 7.5 HIGH
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding.
CVE-2016-2108 3 Google, Openssl, Redhat 9 Android, Openssl, Enterprise Linux Desktop and 6 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue.
CVE-2016-2107 8 Canonical, Debian, Google and 5 more 15 Ubuntu Linux, Debian Linux, Android and 12 more 2024-11-21 2.6 LOW 5.9 MEDIUM
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.
CVE-2016-2106 2 Openssl, Redhat 8 Openssl, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 5 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.
CVE-2016-2105 8 Apple, Canonical, Debian and 5 more 15 Mac Os X, Ubuntu Linux, Debian Linux and 12 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.
CVE-2016-0800 2 Openssl, Pulsesecure 3 Openssl, Client, Steel Belted Radius 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack.