|
171
|
-
4.3
|
MEDIUM
|
The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a Se…
|
NVD-CWE-Other
|
CVE-2014-5139
|
cpe:2.3:a:openssl:openssl:1.0.1h:* cpe:2.3:a:openssl:openssl:1.0.1g:* cpe:2.3:a:openssl:openssl:1.0.1f:* cpe:2…
|
|
|
|
|
2024-11-21 11:11
2014-08-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
172
|
-
7.5
|
HIGH
|
Multiple buffer overflows in crypto/srp/srp_lib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service (application crash) or possibly have uns…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3512
|
cpe:2.3:a:openssl:openssl:1.0.1h:* cpe:2.3:a:openssl:openssl:1.0.1g:* cpe:2.3:a:openssl:openssl:1.0.1f:* cpe:2…
|
|
|
|
|
2024-11-21 11:08
2014-08-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
173
|
-
4.3
|
MEDIUM
|
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in comm…
|
NVD-CWE-noinfo
|
CVE-2014-3511
|
cpe:2.3:a:openssl:openssl:1.0.1h:* cpe:2.3:a:openssl:openssl:1.0.1g:* cpe:2.3:a:openssl:openssl:1.0.1f:* cpe:2…
|
|
|
|
|
2024-11-21 11:08
2014-08-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
174
|
-
4.3
|
MEDIUM
|
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote DTLS servers to cause a denial of service (NULL poi…
|
NVD-CWE-Other
|
CVE-2014-3510
|
cpe:2.3:a:openssl:openssl:1.0.1h:* cpe:2.3:a:openssl:openssl:1.0.1g:* cpe:2.3:a:openssl:openssl:1.0.1f:* cpe:2…
|
|
|
|
|
2024-11-21 11:08
2014-08-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
175
|
-
6.8
|
MEDIUM
|
Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 before 1.0.0n and 1.0.1 before 1.0.1i, when multithreading and session resumption are used, allows remote SSL …
|
CWE-362
Race Condition
|
CVE-2014-3509
|
cpe:2.3:a:openssl:openssl:1.0.1h:* cpe:2.3:a:openssl:openssl:1.0.1g:* cpe:2.3:a:openssl:openssl:1.0.1f:* cpe:2…
|
|
|
|
|
2024-11-21 11:08
2014-08-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
176
|
-
4.3
|
MEDIUM
|
The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' …
|
CWE-200
Information Exposure
|
CVE-2014-3508
|
cpe:2.3:a:openssl:openssl:1.0.1h:* cpe:2.3:a:openssl:openssl:1.0.1g:* cpe:2.3:a:openssl:openssl:1.0.1f:* cpe:2…
|
|
|
|
|
2024-11-21 11:08
2014-08-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
177
|
-
5.0
|
MEDIUM
|
Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumpt…
|
CWE-399
Resource Management Errors
|
CVE-2014-3507
|
cpe:2.3:a:openssl:openssl:1.0.1h:* cpe:2.3:a:openssl:openssl:1.0.1g:* cpe:2.3:a:openssl:openssl:1.0.1f:* cpe:2…
|
|
|
|
|
2024-11-21 11:08
2014-08-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
178
|
-
5.0
|
MEDIUM
|
d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafte…
|
CWE-399
Resource Management Errors
|
CVE-2014-3506
|
cpe:2.3:a:openssl:openssl:1.0.1h:* cpe:2.3:a:openssl:openssl:1.0.1g:* cpe:2.3:a:openssl:openssl:1.0.1f:* cpe:2…
|
|
|
|
|
2024-11-21 11:08
2014-08-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
179
|
-
5.0
|
MEDIUM
|
Double free vulnerability in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (a…
|
NVD-CWE-Other
|
CVE-2014-3505
|
cpe:2.3:a:openssl:openssl:1.0.1h:* cpe:2.3:a:openssl:openssl:1.0.1g:* cpe:2.3:a:openssl:openssl:1.0.1f:* cpe:2…
|
|
|
|
|
2024-11-21 11:08
2014-08-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
180
|
-
4.3
|
MEDIUM
|
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers t…
|
CWE-476
NULL Pointer Dereference
|
CVE-2014-3470
|
cpe:2.3:a:openssl:openssl:*:*
|
1.0.0 1.0.1
|
|
|
1.0.0m 1.0.1h 0.9.8za
|
2024-11-21 11:08
2014-06-6
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|