| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-3566 | 4.3 |
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
|
12-09-2023 - 14:55 | 15-10-2014 - 00:55 | |
| CVE-2016-0800 | 4.3 |
The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote
|
13-12-2022 - 12:15 | 01-03-2016 - 20:59 | |
| CVE-2016-0799 | 10.0 |
The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g improperly calculates string lengths, which allows remote attackers to cause a denial of service (overflow and out-of-bounds read) or possibly have uns
|
13-12-2022 - 12:15 | 03-03-2016 - 20:59 | |
| CVE-2016-0705 | 10.0 |
Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other imp
|
13-12-2022 - 12:15 | 03-03-2016 - 20:59 | |
| CVE-2016-2842 | 10.0 |
The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not verify that a certain memory allocation succeeds, which allows remote attackers to cause a denial of service (out-of-bounds write or memo
|
05-01-2018 - 02:30 | 03-03-2016 - 20:59 |