Vulnerabilities (CVE)

Vendor filter

Openssl Subscribe


204 total CVE
CVE Vendors Products Updated CVSS
CVE-2002-0655 3 Openssl, Apple, Oracle 5 Application Server, Mac Os X, Corporate Time Outlook Connector and 2 more 2008-09-10 7.5
OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2000-0535 2 Openssl, Freebsd 2 Freebsd, Openssl 2008-09-10 5.0
OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or /dev/urandom devices, which are absent on FreeBSD Alpha systems, which causes them to produce weak keys which may be more easily broken.
CVE-1999-0428 2 Ssleay, Openssl 2 Ssleay, Openssl 2008-09-09 7.5
OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls.
CVE-2005-1797 1 Openssl 1 Openssl 2008-09-05 5.1
The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations.