Vulnerabilities (CVE)

Vendor filter

Openssl Subscribe

Product filter

Openssl Subscribe

Filter

203 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-1549 1 Openssl 1 Openssl 2019-09-19 5.0
OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this...
CVE-2019-1547 1 Openssl 1 Openssl 2019-09-12 1.9
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those...
CVE-2019-1563 1 Openssl 1 Openssl 2019-09-12 4.3
In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or...
CVE-2019-1552 1 Openssl 1 Openssl 2019-08-23 1.9
OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix /...
CVE-2019-0190 4 Apache, Netapp, Openssl and 1 more 4 Http Server, Santricity Cloud Connector, Openssl and 1 more 2019-07-23 5.0
A bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause mod_ssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP...
CVE-2018-5407 7 Nodejs, Openssl, Canonical and 4 more 20 Node.js, Openssl, Ubuntu Linux and 17 more 2019-07-23 1.9
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
CVE-2018-0735 6 Netapp, Openssl, Canonical and 3 more 22 Cloud Backup, Oncommand Unified Manager, Santricity Smi-s Provider and 19 more 2019-07-23 4.3
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in...
CVE-2016-8610 4 Openssl, Netapp, Redhat and 1 more 25 Openssl, Clustered Data Ontap Antivirus Connector, Data Ontap and 22 more 2019-07-23 5.0
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL...
CVE-2009-3555 8 Mozilla, Openssl, Microsoft and 5 more 9 Openssl, Nss, Iis and 6 more 2019-07-03 5.8
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network...
CVE-2016-7055 1 Openssl 1 Openssl 2019-07-02 2.6
There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA,...
CVE-2015-3195 6 Openssl, Apple, Oracle and 3 more 16 Sun Ray Software, Openssl, Transportation Management and 13 more 2019-06-14 5.0
The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers...
CVE-2015-3196 7 Hp, Openssl, Oracle and 4 more 13 Icewall Sso, Icewall Sso Agent Option, Vm Virtualbox and 10 more 2019-06-13 4.3
ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of...
CVE-2018-0734 6 Netapp, Openssl, Canonical and 3 more 19 Cloud Backup, Oncommand Unified Manager, Santricity Smi-s Provider and 16 more 2019-06-11 4.3
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL...
CVE-2019-1543 1 Openssl 1 Openssl 2019-06-03 5.8
ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with...
CVE-2018-0732 3 Openssl, Canonical, Debian 3 Openssl, Ubuntu Linux, Debian Linux 2019-05-30 5.0
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime...
CVE-2011-1473 1 Openssl 1 Openssl 2019-05-27 5.0
** DISPUTED ** OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote attackers to cause a denial of service (CPU...
CVE-2019-1559 7 Openssl, Canonical, Debian and 4 more 18 Openssl, Ubuntu Linux, Debian Linux and 15 more 2019-05-22 4.3
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with...
CVE-2016-2183 5 Python, Openssl, Cisco and 2 more 8 Content Security Management Appliance, Openssl, Enterprise Linux and 5 more 2019-05-20 5.0
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a...
CVE-2017-3730 2 Openssl, Oracle 7 Openssl, Agile Engineering Data Management, Communications Application Session Controller and 4 more 2019-04-25 5.0
In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a...
CVE-2018-0739 3 Openssl, Canonical, Debian 3 Openssl, Ubuntu Linux, Debian Linux 2019-04-23 4.3
Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures...