| Max CVSS | 9.3 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-0169 | 2.6 |
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding,
|
12-05-2023 - 12:58 | 08-02-2013 - 19:55 | |
| CVE-2010-3864 | 7.6 |
Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers
|
13-02-2023 - 04:27 | 17-11-2010 - 16:00 | |
| CVE-2010-4180 | 4.3 |
OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an uninte
|
04-08-2022 - 19:59 | 06-12-2010 - 21:05 | |
| CVE-2013-0166 | 5.0 |
OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) vi
|
09-08-2018 - 01:29 | 08-02-2013 - 19:55 | |
| CVE-2012-0884 | 5.0 |
The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Millio
|
10-01-2018 - 02:29 | 13-03-2012 - 03:12 | |
| CVE-2012-2333 | 6.8 |
Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified
|
05-01-2018 - 02:29 | 14-05-2012 - 22:55 | |
| CVE-2011-4109 | 9.3 |
Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check.
|
29-08-2017 - 01:30 | 06-01-2012 - 01:55 | |
| CVE-2011-4619 | 5.0 |
The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.
|
23-08-2016 - 02:04 | 06-01-2012 - 01:55 | |
| CVE-2011-4576 | 5.0 |
The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by
|
23-08-2016 - 02:04 | 06-01-2012 - 01:55 | |
| CVE-2011-4108 | 4.3 |
The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack.
|
23-08-2016 - 02:04 | 06-01-2012 - 01:55 | |
| CVE-2011-4577 | 4.3 |
OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address bloc
|
26-03-2014 - 04:25 | 06-01-2012 - 01:55 |