Integer overflow in CipherUpdate |
Integer Overflow |
reaperhulk |
High |
2021-04-08 |
Windows only: arbitrary file read vulnerability in openssl s_server |
Path Traversal |
jobert |
Medium |
2020-10-10 |
Client DoS due to large DH parameter (CVE-2018-0732) |
Denial of Service |
guido |
Low |
2018-09-20 |
SSL_peek() hang on empty record (CVE-2016-6305) |
Denial of Service |
alex_gaynor |
Medium |
2018-01-11 |
Malformed SHA512 ticket DoS (CVE-2016-6302) |
Denial of Service |
theyarestone |
Low |
2017-05-25 |
OOB read in TS_OBJ_print_bio() (CVE-2016-2180) |
Out-of-bounds Read |
theyarestone |
Low |
2017-05-25 |
Certificate message OOB reads (CVE-2016-6306) |
Out-of-bounds Read |
theyarestone |
Low |
2017-05-25 |
Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307) |
Denial of Service |
theyarestone |
Low |
2017-05-25 |
Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308) |
Denial of Service |
theyarestone |
Low |
2017-05-25 |
OOB write in MDC2_Update() (CVE-2016-6303) |
Heap Overflow |
theyarestone |
Low |
2017-05-25 |
OOB write in BN_bn2dec() (CVE-2016-2182) |
Heap Overflow |
theyarestone |
Low |
2017-05-25 |
OCSP Status Request extension unbounded memory growth (CVE-2016-6304) |
Denial of Service |
theyarestone |
High |
2017-04-12 |
CVE-2017-3730: Bad (EC)DHE parameters cause a client crash |
Denial of Service |
guido |
Medium |
2017-02-07 |
Remote client memory corruption in ssl_add_clienthello_tlsext() |
Code Injection |
guido |
No rating |
2016-12-30 |
Double-free in X509 parsing |
Memory Corruption - Generic |
guido |
No rating |
2016-12-30 |
SSLv2 doesn't block disabled ciphers (CVE-2015-3197) |
Cryptographic Issues - Generic |
nimia |
No rating |
2016-09-21 |
Cross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800) |
Cryptographic Issues - Generic |
nimia |
No rating |
2016-09-21 |
CVE-2016-2177 Undefined pointer arithmetic in SSL code |
Memory Corruption - Generic |
guido |
No rating |
2016-09-20 |
Divide-and-conquer session key recovery in SSLv2 (CVE-2016-0703) |
Cryptographic Issues - Generic |
dadrian |
No rating |
2016-06-01 |
Bleichenbacher oracle in SSLv2 (CVE-2016-0704) |
Cryptographic Issues - Generic |
dadrian |
No rating |
2016-06-01 |
Padding oracle in AES-NI CBC MAC check (CVE-2016-2107) |
Cryptographic Issues - Generic |
jurajsomorovsky |
No rating |
2016-05-19 |
ASN.1 BIO excessive memory allocation (CVE-2016-2109) |
Denial of Service |
geeknik |
No rating |
2016-05-03 |
Potential double free in EVP_DigestInit_ex |
Memory Corruption - Generic |
guido |
No rating |
2016-05-03 |
EBCDIC overread (CVE-2016-2176) |
Memory Corruption - Generic |
guido |
No rating |
2016-05-03 |
EVP_EncryptUpdate overflow (CVE-2016-2106) |
Memory Corruption - Generic |
guido |
No rating |
2016-05-03 |
EVP_EncodeUpdate overflow (CVE-2016-2105) |
Memory Corruption - Generic |
guido |
No rating |
2016-05-03 |
BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193) |
Cryptographic Issues - Generic |
hanno |
No rating |
2016-04-12 |
CVE-2016-0799 memory issues in BIO_*printf functions |
Memory Corruption - Generic |
guido |
No rating |
2016-03-28 |
OpenSSL Key Recovery Attack on DH small subgroups (CVE-2016-0701) |
Cryptographic Issues - Generic |
asanso |
No rating |
2016-03-28 |
b2i_PVK_bio heap corruption |
Memory Corruption - Generic |
guido |
No rating |
2016-03-28 |
BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption (CVE-2016-0797) |
Memory Corruption - Generic |
guido |
No rating |
2016-03-28 |
Malformed ECParameters causes infinite loop |
None supplied |
ctz |
No rating |
2015-06-11 |
Segmentation fault for invalid PSS parameters |
None supplied |
geeknik |
No rating |
2015-03-19 |
X509_to_X509_REQ NULL pointer deref |
None supplied |
geeknik |
No rating |
2015-03-15 |