CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23 matches found

OpenVAS•added 2020/01/23 12:0 a.m.•32 views

Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2017-1040)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.6AI score0.90348EPSS

Exploits4References2

OpenVAS•added 2020/01/23 12:0 a.m.•39 views

Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2017-1039)

9.8CVSS8.6AI score0.90348EPSS

Exploits4References2

OpenVAS•added 2020/01/23 12:0 a.m.•42 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2016-1047)

9.8CVSS8.5AI score0.28947EPSS

Exploits2References2

RedHat Linux•added 2018/07/12 4:14 p.m.•2 views

openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()

An out of bounds write flaw was discovered in the OpenSSL BNbn2dec function. An attacker able to make an application using OpenSSL to process a large BIGNUM could cause the application to crash or, possibly, execute arbitrary code...

9.8CVSS7.4AI score0.28947EPSS

Exploits1References5

RedHat Linux•added 2018/07/12 4:4 p.m.•2 views

openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()

9.8CVSS7.4AI score0.28947EPSS

Exploits1References5

Tenable Nessus•added 2017/05/01 12:0 a.m.•50 views

EulerOS 2.0 SP1 : openssl098e (EulerOS-SA-2017-1040)

According to the versions of the openssl098e package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The BNbn2dec function in crypto/bn/bnprint.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote...

9.8CVSS7.6AI score0.90348EPSS

Exploits4References5

Hacker One•added 2017/04/18 7:36 a.m.•45 views

Internet Bug Bounty: OOB write in BN_bn2dec() (CVE-2016-2182)

The function BNbn2dec does not check the return value of BNdivword. This can cause an OOB write if an application uses this function with an overly large BIGNUM. This could be a problem if an overly large certificate or CRL is printed out from an untrusted source. TLS is not affected because reco...

7.5CVSS8.7AI score0.28947EPSS

Exploits1

Fortinet•added 2017/04/03 12:0 a.m.•71 views

OpenSSL Security Advisory [22 Sept 2016]

The OpenSSL project released an advisory on Sept 22nd, 2016, describing 1 High, 1 Medium and 12 Low severity vulnerabilities, as listed below: OCSP Status Request extension unbounded memory growth CVE-2016-6304 SSLpeek hang on empty record CVE-2016-6305 SWEET32 Mitigation CVE-2016-2183 OOB write ...

7.8CVSS7.9AI score0.40993EPSS

Exploits9Affected Software27

android•added 2017/03/01 12:0 a.m.•23 views

CVE-2016-2182

The BNbn2dec function in crypto/bn/bnprint.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service out-of-bounds write and application crash or possibly have unspecified other impact via unknown vectors...

7.5CVSS6.9AI score0.28947EPSS

Exploits1References3Affected Software1

OpenVAS•added 2016/10/26 12:0 a.m.•47 views

Amazon Linux: Security Advisory (ALAS-2016-755)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.3AI score0.40993EPSS

Exploits7References2

Tenable Nessus•added 2016/09/30 12:0 a.m.•642 views

OpenSSL 1.0.2 < 1.0.2i Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.0.2i. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.2i advisory. - Multiple memory leaks in t1lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to...

9.8CVSS7.5AI score0.40993EPSS

Exploits8References30

Tenable Nessus•added 2016/09/28 12:0 a.m.•35 views

openSUSE Security Update : openssl (openSUSE-2016-1130)

This update for openssl fixes the following issues : OpenSSL Security Advisory 22 Sep 2016 boo999665 Severity: High - OCSP Status Request extension unbounded memory growth CVE-2016-6304 boo999666 Severity: Low - Pointer arithmetic undefined behaviour CVE-2016-2177 boo982575 - Constant time flag n...

9.8CVSS7.2AI score0.40993EPSS

Exploits8References28

RedHat Linux•added 2016/09/27 1:46 p.m.•0 views

openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()

9.8CVSS7.4AI score0.28947EPSS

Exploits1References5

Tenable Nessus•added 2016/09/23 12:0 a.m.•276 views

FreeBSD : OpenSSL -- multiple vulnerabilities (43eaa656-80bc-11e6-bf52-b499baebfeaf)

OpenSSL reports : High: OCSP Status Request extension unbounded memory growth SSLpeek hang on empty record SWEET32 Mitigation OOB write in MDC2Update Malformed SHA512 ticket DoS OOB write in BNbn2dec OOB read in TSOBJprintbio Pointer arithmetic undefined behaviour Constant time flag not preserved...

9.8CVSS7.3AI score0.40993EPSS

Exploits9References16