OpenSSL

OpenSSL

300 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 41.68%
  • Veröffentlicht 26.09.2016 19:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.

Exploit
  • EPSS 16%
  • Veröffentlicht 26.09.2016 19:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 before 1.1.0a allows remote attackers to cause a denial of service (infinite loop) by triggering a zero-length record in an SSL_peek call.

  • EPSS 63.03%
  • Veröffentlicht 26.09.2016 19:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.

  • EPSS 31.99%
  • Veröffentlicht 16.09.2016 05:59:13
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vect...

  • EPSS 26.44%
  • Veröffentlicht 16.09.2016 05:59:12
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.

  • EPSS 44.22%
  • Veröffentlicht 16.09.2016 05:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified ot...

  • EPSS 22.63%
  • Veröffentlicht 16.09.2016 05:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service (false-positive packet drops...

  • EPSS 26.56%
  • Veröffentlicht 16.09.2016 05:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many...

Medienbericht
  • EPSS 95.71%
  • Veröffentlicht 01.09.2016 00:59:00
  • Zuletzt bearbeitet 29.05.2026 21:16:27

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birth...

  • EPSS 28.53%
  • Veröffentlicht 01.08.2016 02:59:11
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service (out-of-bounds read and application cra...