| Max CVSS | 10.0 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-2106 | 5.0 |
Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.
|
13-12-2022 - 12:15 | 05-05-2016 - 01:59 | |
| CVE-2016-2109 | 7.8 |
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding.
|
13-12-2022 - 12:15 | 05-05-2016 - 01:59 | |
| CVE-2016-2108 | 10.0 |
The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "ne
|
13-12-2022 - 12:15 | 05-05-2016 - 01:59 | |
| CVE-2015-3197 | 4.3 |
ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 tra
|
13-12-2022 - 12:15 | 15-02-2016 - 02:59 | |
| CVE-2016-2105 | 5.0 |
Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.
|
13-12-2022 - 12:15 | 05-05-2016 - 01:59 | |
| CVE-2016-0800 | 4.3 |
The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote
|
13-12-2022 - 12:15 | 01-03-2016 - 20:59 | |
| CVE-2016-0797 | 5.0 |
Multiple integer overflows in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allow remote attackers to cause a denial of service (heap memory corruption or NULL pointer dereference) or possibly have unspecified other impact via a long digit stri
|
13-12-2022 - 12:15 | 03-03-2016 - 20:59 | |
| CVE-2016-0799 | 10.0 |
The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g improperly calculates string lengths, which allows remote attackers to cause a denial of service (overflow and out-of-bounds read) or possibly have uns
|
13-12-2022 - 12:15 | 03-03-2016 - 20:59 | |
| CVE-2016-0702 | 1.9 |
The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discov
|
13-12-2022 - 12:15 | 03-03-2016 - 20:59 |