| Bug | Description |
|---|
| CVE-2024-6119 | Issue summary: Applications performing certificate name checks (e.g., ... |
| CVE-2024-4603 | Issue summary: Checking excessively long DSA keys or parameters may be ... |
| CVE-2023-6237 | Issue summary: Checking excessively long invalid RSA public keys may t ... |
| CVE-2023-6129 | Issue summary: The POLY1305 MAC (message authentication code) implemen ... |
| CVE-2023-5363 | Issue summary: A bug has been identified in the processing of key and ... |
| CVE-2023-4807 | Issue summary: The POLY1305 MAC (message authentication code) implemen ... |
| CVE-2023-3817 | Issue summary: Checking excessively long DH keys or parameters may be ... |
| CVE-2023-3446 | Issue summary: Checking excessively long DH keys or parameters may be ... |
| CVE-2023-2975 | Issue summary: The AES-SIV cipher implementation contains a bug that c ... |
| CVE-2023-2650 | Issue summary: Processing some specially crafted ASN.1 object identifi ... |
| CVE-2023-1255 | Issue summary: The AES-XTS cipher decryption implementation for 64 bit ... |
| CVE-2023-0466 | The function X509_VERIFY_PARAM_add0_policy() is documented to implicit ... |
| CVE-2023-0465 | Applications that use a non-default option when verifying certificates ... |
| CVE-2023-0464 | A security vulnerability has been identified in all supported versions ... |
| CVE-2023-0401 | A NULL pointer can be dereferenced when signatures are being verified ... |
| CVE-2023-0286 | There is a type confusion vulnerability relating to X.400 address proc ... |
| CVE-2023-0217 | An invalid pointer dereference on read can be triggered when an applic ... |
| CVE-2023-0216 | An invalid pointer dereference on read can be triggered when an applic ... |
| CVE-2023-0215 | The public API function BIO_new_NDEF is a helper function used for str ... |
| CVE-2022-4450 | The function PEM_read_bio_ex() reads a PEM file from a BIO and parses ... |
| CVE-2022-4203 | A read buffer overrun can be triggered in X.509 certificate verificati ... |
| CVE-2022-3996 | If an X.509 certificate contains a malformed policy constraint and pol ... |
| CVE-2022-3786 | A buffer overrun can be triggered in X.509 certificate verification, s ... |
| CVE-2022-3602 | A buffer overrun can be triggered in X.509 certificate verification, s ... |
| CVE-2022-3358 | OpenSSL supports creating a custom cipher via the legacy EVP_CIPHER_me ... |
| CVE-2022-2274 | The OpenSSL 3.0.4 release introduced a serious bug in the RSA implemen ... |
| CVE-2022-2097 | AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimi ... |
| CVE-2022-2068 | In addition to the c_rehash shell command injection identified in CVE- ... |
| CVE-2022-1473 | The OPENSSL_LH_flush() function, which empties a hash table, contains ... |
| CVE-2022-1434 | The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly ... |
| CVE-2022-1343 | The function `OCSP_basic_verify` verifies the signer certificate on an ... |
| CVE-2022-1292 | The c_rehash script does not properly sanitise shell metacharacters to ... |
| CVE-2022-0778 | The BN_mod_sqrt() function, which computes a modular square root, cont ... |
| CVE-2021-23841 | The OpenSSL public API function X509_issuer_and_serial_hash() attempts ... |
| CVE-2021-23840 | Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may ... |
| CVE-2021-23839 | OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 ... |
| CVE-2021-4044 | Internally libssl in OpenSSL calls X509_verify_cert() on the client si ... |
| CVE-2021-3712 | ASN.1 strings are represented internally within OpenSSL as an ASN1_STR ... |
| CVE-2021-3711 | In order to decrypt SM2 encrypted data an application is expected to c ... |
| CVE-2021-3450 | The X509_V_FLAG_X509_STRICT flag enables additional security checks of ... |
| CVE-2021-3449 | An OpenSSL TLS server may crash if sent a maliciously crafted renegoti ... |
| CVE-2020-1971 | The X.509 GeneralName type is a generic type for representing differen ... |
| CVE-2020-1967 | Server or client applications that call the SSL_check_chain() function ... |
| CVE-2019-1563 | In situations where an attacker receives automated notification of the ... |
| CVE-2019-1559 | If an application encounters a fatal protocol error and then calls SSL ... |
| CVE-2019-1552 | OpenSSL has internal defaults for a directory tree where it can find a ... |
| CVE-2019-1551 | There is an overflow bug in the x64_64 Montgomery squaring procedure u ... |
| CVE-2019-1549 | OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). Th ... |
| CVE-2019-1547 | Normally in OpenSSL EC groups always have a co-factor present and this ... |
| CVE-2019-1543 | ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input ... |
| CVE-2018-5407 | Simultaneous Multi-threading (SMT) in processors can enable local user ... |
| CVE-2018-0739 | Constructed ASN.1 types with a recursive definition (such as can be fo ... |
| CVE-2018-0737 | The OpenSSL RSA Key generation algorithm has been shown to be vulnerab ... |
| CVE-2018-0735 | The OpenSSL ECDSA signature algorithm has been shown to be vulnerable ... |
| CVE-2018-0734 | The OpenSSL DSA signature algorithm has been shown to be vulnerable to ... |
| CVE-2018-0733 | Because of an implementation bug the PA-RISC CRYPTO_memcmp function is ... |
| CVE-2018-0732 | During key agreement in a TLS handshake using a DH(E) based ciphersuit ... |
| CVE-2017-3738 | There is an overflow bug in the AVX2 Montgomery multiplication procedu ... |
| CVE-2017-3737 | OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error stat ... |
| CVE-2017-3736 | There is a carry propagating bug in the x86_64 Montgomery squaring pro ... |
| CVE-2017-3735 | While parsing an IPAddressFamily extension in an X.509 certificate, it ... |
| CVE-2017-3733 | During a renegotiation handshake if the Encrypt-Then-Mac extension is ... |
| CVE-2017-3732 | There is a carry propagating bug in the x86_64 Montgomery squaring pro ... |
| CVE-2017-3731 | If an SSL/TLS server or client is running on a 32-bit host, and a spec ... |
| CVE-2017-3730 | In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad par ... |
| CVE-2016-8610 | A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 thro ... |
| CVE-2016-7056 | A timing attack flaw was found in OpenSSL 1.0.1u and before that could ... |
| CVE-2016-7055 | There is a carry propagating bug in the Broadwell-specific Montgomery ... |
| CVE-2016-7054 | In OpenSSL 1.1.0 before 1.1.0c, TLS connections using *-CHACHA20-POLY1 ... |
| CVE-2016-7053 | In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS struc ... |
| CVE-2016-7052 | crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to ca ... |
| CVE-2016-6309 | statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movem ... |
| CVE-2016-6308 | statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 befor ... |
| CVE-2016-6307 | The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a alloca ... |
| CVE-2016-6306 | The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2 ... |
| CVE-2016-6305 | The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 ... |
| CVE-2016-6304 | Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 befo ... |
| CVE-2016-6303 | Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c ... |
| CVE-2016-6302 | The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1. ... |
| CVE-2016-2842 | The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 befo ... |
| CVE-2016-2182 | The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 ... |
| CVE-2016-2181 | The Anti-Replay feature in the DTLS implementation in OpenSSL before 1 ... |
| CVE-2016-2180 | The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Publi ... |
| CVE-2016-2179 | The DTLS implementation in OpenSSL before 1.1.0 does not properly rest ... |
| CVE-2016-2178 | The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL throug ... |
| CVE-2016-2177 | OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-bu ... |
| CVE-2016-2176 | The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL be ... |
| CVE-2016-2109 | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 ... |
| CVE-2016-2108 | The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0 ... |
| CVE-2016-2107 | The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1. ... |
| CVE-2016-2106 | Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_e ... |
| CVE-2016-2105 | Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode ... |
| CVE-2016-0800 | The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before ... |
| CVE-2016-0799 | The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1. ... |
| CVE-2016-0798 | Memory leak in the SRP_VBASE_get_by_user implementation in OpenSSL 1.0 ... |
| CVE-2016-0797 | Multiple integer overflows in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 be ... |
| CVE-2016-0705 | Double free vulnerability in the dsa_priv_decode function in crypto/ds ... |
| CVE-2016-0704 | An oracle protection mechanism in the get_client_master_key function i ... |
| CVE-2016-0703 | The get_client_master_key function in s2_srvr.c in the SSLv2 implement ... |
| CVE-2016-0702 | The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in O ... |
| CVE-2016-0701 | The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 ... |
| CVE-2015-7575 | Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozi ... |
| CVE-2015-5738 | The RSA-CRT implementation in the Cavium Software Development Kit (SDK ... |
| CVE-2015-4000 | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is ena ... |
| CVE-2015-3216 | Race condition in a certain Red Hat patch to the PRNG lock implementat ... |
| CVE-2015-3197 | ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f d ... |
| CVE-2015-3196 | ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and ... |
| CVE-2015-3195 | The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in Open ... |
| CVE-2015-3194 | crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before ... |
| CVE-2015-3193 | The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.p ... |
| CVE-2015-1794 | The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 b ... |
| CVE-2015-1793 | The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0 ... |
| CVE-2015-1792 | The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before ... |
| CVE-2015-1791 | Race condition in the ssl3_get_new_session_ticket function in ssl/s3_c ... |
| CVE-2015-1790 | The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL bef ... |
| CVE-2015-1789 | The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before ... |
| CVE-2015-1788 | The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before ... |
| CVE-2015-1787 | The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0. ... |
| CVE-2015-0293 | The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0 ... |
| CVE-2015-0292 | Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encod ... |
| CVE-2015-0291 | The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 before 1.0.2a ... |
| CVE-2015-0290 | The multi-block feature in the ssl3_write_bytes function in s3_pkt.c i ... |
| CVE-2015-0289 | The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0. ... |
| CVE-2015-0288 | The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL bef ... |
| CVE-2015-0287 | The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL bef ... |
| CVE-2015-0286 | The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0 ... |
| CVE-2015-0285 | The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 before 1. ... |
| CVE-2015-0209 | Use-after-free vulnerability in the d2i_ECPrivateKey function in crypt ... |
| CVE-2015-0208 | The ASN.1 signature-verification implementation in the rsa_item_verify ... |
| CVE-2015-0207 | The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 before 1.0.2a d ... |
| CVE-2015-0206 | Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL ... |
| CVE-2015-0205 | The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before ... |
| CVE-2015-0204 | The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9. ... |
| CVE-2014-8275 | OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k d ... |
| CVE-2014-8176 | The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9. ... |
| CVE-2014-5139 | The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 befo ... |
| CVE-2014-3572 | The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9. ... |
| CVE-2014-3571 | OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k a ... |
| CVE-2014-3570 | The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0. ... |
| CVE-2014-3569 | The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, ... |
| CVE-2014-3568 | OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j d ... |
| CVE-2014-3567 | Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL ... |
| CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ... |
| CVE-2014-3513 | Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 b ... |
| CVE-2014-3512 | Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implement ... |
| CVE-2014-3511 | The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 bef ... |
| CVE-2014-3510 | The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL 0.9 ... |
| CVE-2014-3509 | Race condition in the ssl_parse_serverhello_tlsext function in t1_lib. ... |
| CVE-2014-3508 | The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 ... |
| CVE-2014-3507 | Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 b ... |
| CVE-2014-3506 | d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, ... |
| CVE-2014-3505 | Double free vulnerability in d1_both.c in the DTLS implementation in O ... |
| CVE-2014-3470 | The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL bef ... |
| CVE-2014-2234 | A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier use ... |
| CVE-2014-0224 | OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h d ... |
| CVE-2014-0221 | The dtls1_get_message_fragment function in d1_both.c in OpenSSL before ... |
| CVE-2014-0198 | The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, ... |
| CVE-2014-0195 | The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before ... |
| CVE-2014-0160 | The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1 ... |
| CVE-2014-0076 | The Montgomery ladder implementation in OpenSSL through 1.0.0l does no ... |
| CVE-2013-6450 | The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l ... |
| CVE-2013-6449 | The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0. ... |
| CVE-2013-4353 | The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1. ... |
| CVE-2013-0169 | The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as use ... |
| CVE-2013-0166 | OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d do ... |
| CVE-2012-4929 | The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google C ... |
| CVE-2012-2686 | crypto/evp/e_aes_cbc_hmac_sha1.c in the AES-NI functionality in the TL ... |
| CVE-2012-2333 | Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1 ... |
| CVE-2012-2131 | Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSS ... |
| CVE-2012-2110 | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL be ... |
| CVE-2012-1165 | The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL befor ... |
| CVE-2012-0884 | The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 i ... |
| CVE-2012-0050 | OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, ... |
| CVE-2012-0027 | The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle inva ... |
| CVE-2011-5095 | The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when ... |
| CVE-2011-4619 | The Server Gated Cryptography (SGC) implementation in OpenSSL before 0 ... |
| CVE-2011-4577 | OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is ... |
| CVE-2011-4576 | The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0 ... |
| CVE-2011-4354 | crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as u ... |
| CVE-2011-4109 | Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_ ... |
| CVE-2011-4108 | The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f ... |
| CVE-2011-3210 | The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through ... |
| CVE-2011-3207 | crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initial ... |
| CVE-2011-1945 | The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and ... |
| CVE-2011-0014 | ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c ... |
| CVE-2010-5298 | Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL ... |
| CVE-2010-4252 | OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly valid ... |
| CVE-2010-4180 | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_R ... |
| CVE-2010-3864 | Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9 ... |
| CVE-2010-2939 | Double free vulnerability in the ssl3_get_key_exchange function in the ... |
| CVE-2010-1633 | RSA verification recovery in the EVP_PKEY_verify_recover function in O ... |
| CVE-2010-1378 | OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perfo ... |
| CVE-2010-0742 | The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cm ... |
| CVE-2010-0740 | The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through ... |
| CVE-2010-0433 | The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before ... |
| CVE-2009-4355 | Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib ... |
| CVE-2009-3555 | The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as us ... |
| CVE-2009-3245 | OpenSSL before 0.9.8m does not check for a NULL return value from bn_w ... |
| CVE-2009-2409 | The Network Security Services (NSS) library before 3.12.3, as used in ... |
| CVE-2009-1387 | The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in Open ... |
| CVE-2009-1386 | ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause ... |
| CVE-2009-1379 | Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment f ... |
| CVE-2009-1378 | Multiple memory leaks in the dtls1_process_out_of_seq_message function ... |
| CVE-2009-1377 | The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and ... |
| CVE-2009-0789 | OpenSSL before 0.9.8k on WIN64 and certain other platforms does not pr ... |
| CVE-2009-0653 | OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an ... |
| CVE-2009-0591 | The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is ... |
| CVE-2009-0590 | The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remo ... |
| CVE-2008-7270 | OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is ... |
| CVE-2008-5077 | OpenSSL 0.9.8i and earlier does not properly check the return value fr ... |
| CVE-2008-1672 | OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of ... |
| CVE-2008-0891 | Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS s ... |
| CVE-2008-0166 | OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operat ... |
| CVE-2007-5135 | Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9 ... |
| CVE-2007-4995 | Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0. ... |
| CVE-2007-3108 | The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9. ... |
| CVE-2006-7250 | The mime_hdr_cmp function in crypto/asn1/asn_mime.c in OpenSSL 0.9.8t ... |
| CVE-2006-4343 | The get_server_hello function in the SSLv2 client code in OpenSSL 0.9. ... |
| CVE-2006-4339 | OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, wh ... |
| CVE-2006-3738 | Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9. ... |
| CVE-2006-2940 | OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions ... |
| CVE-2006-2937 | OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote atta ... |
| CVE-2005-2969 | The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0 ... |
| CVE-2005-2946 | The default configuration on OpenSSL before 0.9.8 uses MD5 for creatin ... |
| CVE-2004-0975 | The der_chop script in the openssl package in Trustix Secure Linux 1.5 ... |
| CVE-2004-0112 | The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, wh ... |
| CVE-2004-0081 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message t ... |
| CVE-2004-0079 | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0. ... |
| CVE-2003-0545 | Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to ... |
| CVE-2003-0544 | OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characte ... |
| CVE-2003-0543 | Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to ... |
| CVE-2003-0147 | OpenSSL does not use RSA blinding by default, which allows local and r ... |
| CVE-2003-0131 | The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and ... |
| CVE-2003-0078 | ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before ... |
| CVE-2002-1568 | OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks ... |
| CVE-2002-0659 | The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and ea ... |
| CVE-2002-0657 | Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos ena ... |
| CVE-2002-0656 | Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and ea ... |
| CVE-2002-0655 | OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not prop ... |
| CVE-2000-1254 | crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C bitwise-shif ... |