VIR Vulnerability Intelligence Relay

Search

Found 12 results in 25ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-31789 critical 9.8 9.8 FIX slesdebian debian opensslgoogle 2mo ago Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a cr…
CVE-2016-6309 critical 9.8 9.8 FIX arch archdebian debian openssl 10y ago statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service (use-after-free) or possibly execute arbitra…
CVE-2016-6303 critical 9.8 9.8 FIX slesarch archdebian debian nodejsopenssl 10y ago Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or poss…
CVE-2016-2182 critical 9.8 9.8 FIX slesarch archdebian debian hpopenssl 10y ago The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and…
CVE-2016-2177 critical 9.8 9.8 FIX slesarch archdebian debian hpopenssl 10y ago OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or…
CVE-2016-2108 critical 9.8 9.8 FIX slesdebian debian rhel openssl 10y ago The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via a…
CVE-2016-2842 critical 9.8 9.8 FIX debian debian openssl 10y ago The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not verify that a certain memory allocation succeeds, which allows remote attackers to cau…
CVE-2016-0799 critical 9.8 9.8 FIX slesdebian debian opensslpulsesecure 10y ago The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g improperly calculates string lengths, which allows remote attackers to cause a denial of service (ov…
CVE-2016-0705 critical 9.8 9.8 FIX debian debianubuntu ubuntu oracleopenssl 10y ago Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory…
CVE-2011-4109 critical 9.3 FIX debian debian openssl 15y ago Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check.
CVE-2009-3245 critical 10.0 FIX debian debian openssl 17y ago OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, wh…
CVE-2009-3555 critical 9.8 10.0 EXPFIX debian debianubuntu ubuntufedora fedora apachegnumozilla 17y ago The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9…