| CVE-2023-0215 |
high |
— |
8.0 |
|
|
|
3y ago |
RHSA-2023:2932: edk2 security update (Important) |
| CVE-2022-4304 |
high |
— |
8.0 |
|
|
|
3y ago |
RHSA-2023:2932: edk2 security update (Important) |
| CVE-2023-0286 |
high |
— |
8.0 |
|
|
|
3y ago |
RHSA-2025:7895: compat-openssl10 security update (Important) |
| CVE-2022-4450 |
high |
— |
8.0 |
|
|
|
3y ago |
RHSA-2023:2932: edk2 security update (Important) |
| CVE-2022-3602 |
high |
— |
8.0 |
|
|
|
4y ago |
Important: openssl security update |
| CVE-2022-3786 |
high |
— |
8.0 |
|
|
|
4y ago |
Important: openssl security update |
| CVE-2021-3711 |
high |
— |
8.0 |
|
|
|
5y ago |
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "o… |
| CVE-2021-3450 |
high |
— |
8.0 |
|
|
|
5y ago |
RHSA-2021:1024: openssl security update (Important) |
| CVE-2021-3449 |
high |
— |
8.0 |
|
|
|
5y ago |
RHSA-2021:1024: openssl security update (Important) |
| CVE-2020-1967 |
high |
— |
8.0 |
|
|
|
6y ago |
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signat… |
| CVE-2022-0778 |
high |
7.5 |
7.5 |
|
|
|
4y ago |
RHSA-2022:5326: compat-openssl10 security update (Low) |
| CVE-2023-0401 |
medium |
— |
5.5 |
|
|
|
3y ago |
Moderate: openssl security and bug fix update |
| CVE-2022-4203 |
medium |
— |
5.5 |
|
|
|
3y ago |
Moderate: openssl security and bug fix update |
| CVE-2023-0216 |
medium |
— |
5.5 |
|
|
|
3y ago |
Moderate: openssl security and bug fix update |
| CVE-2023-0217 |
medium |
— |
5.5 |
|
|
|
3y ago |
Moderate: openssl security and bug fix update |
| CVE-2022-2097 |
medium |
— |
5.5 |
|
|
|
4y ago |
RHSA-2022:5818: openssl security update (Moderate) |
| CVE-2022-1343 |
medium |
— |
5.5 |
|
|
|
4y ago |
Moderate: openssl security and bug fix update |
| CVE-2022-1473 |
medium |
— |
5.5 |
|
|
|
4y ago |
Moderate: openssl security and bug fix update |
| CVE-2021-4044 |
medium |
— |
5.5 |
|
|
|
5y ago |
Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error (… |
| CVE-2021-3712 |
medium |
— |
5.5 |
|
|
|
5y ago |
RHSA-2021:5226: openssl security update (Moderate) |
| CVE-2021-23841 |
medium |
— |
5.5 |
|
|
|
5y ago |
RHSA-2021:4424: openssl security and bug fix update (Moderate) |
| CVE-2021-23840 |
medium |
— |
5.5 |
|
|
|
5y ago |
RHSA-2021:4424: openssl security and bug fix update (Moderate) |
| CVE-2022-3358 |
low |
— |
3.5 |
|
|
|
4y ago |
Low: openssl security and bug fix update |
| CVE-2022-3996 |
unknown |
— |
— |
|
|
|
4y ago |
If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) t… |
| CVE-2022-2274 |
unknown |
— |
— |
|
|
|
4y ago |
The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys… |
| CVE-2022-1434 |
unknown |
— |
— |
|
|
|
4y ago |
The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performin… |
