Exposição de OpenSSL

Web server extensions

169

score de exposição

71.969

sites usam

0

em exploração

8

críticos

CVEs

152 resultados

CVE-2016-8610—A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processiEPSS 39.7%CVE-2022-2274—RSA implementation bug in AVX512IFMA instructionsEPSS 36.5%CVE-2016-7054—ChaCha20/Poly1305 heap-buffer-overflowEPSS 31.9%CVE-2016-7053—CMS Null dereferenceEPSS 21.3%CVE-2022-4450HIGHDouble free after calling PEM_read_bio_exEPSS 20.4%CVE-2018-0739—Constructed ASN.1 types with a recursive definition could exceed the stackEPSS 19.3%CVE-2021-3450—CA certificate check bypass with X509_V_FLAG_X509_STRICTEPSS 18.3%CVE-2017-3735—While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrEPSS 17.7%CVE-2019-1559—0-byte record padding oracleEPSS 17.1%CVE-2022-4304MEDIUMTiming Oracle in RSA DecryptionEPSS 16.2%CVE-2017-3732—BN_mod_exp may produce incorrect results on x86_64EPSS 15.9%CVE-2019-1551—rsaz_512_sqr overflow bug on x86_64EPSS 14.3%CVE-2017-3738—There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are aEPSS 13.4%CVE-2017-3733—Encrypt-Then-Mac renegotiation crashEPSS 12.6%CVE-2018-0734—Timing attack against DSAEPSS 12.2%CVE-2018-0737—Cache timing vulnerability in RSA Key GenerationEPSS 12.0%CVE-2017-3736—There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algoritEPSS 10.1%CVE-2018-0733—Incorrect CRYPTO_memcmp on HP-UX PA-RISCEPSS 8.6%CVE-2021-23841—Null pointer deref in X509_issuer_and_serial_hash()EPSS 7.5%CVE-2020-1971MEDIUMEDIPARTYNAME NULL pointer dereferenceEPSS 7.0%

← anteriorpágina 2 / 8próxima →

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →