The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of OpenSSL

OpenSSL: NULL pointer dereference via X509_issuer_and_serial_hash
An attacker can force a NULL pointer to be dereferenced via X509_issuer_and_serial_hash() of OpenSSL, in order to trigger a denial of service...
6429603, 6443405, 6445489, CERTFR-2021-AVI-124, CERTFR-2021-AVI-187, cpuapr2021, CVE-2021-23841, DLA-2563-1, DLA-2565-1, DSA-4855-1, openSUSE-SU-2021:0427-1, openSUSE-SU-2021:0430-1, SUSE-SU-2021:0725-1, SUSE-SU-2021:0752-1, SUSE-SU-2021:0753-1, SUSE-SU-2021:0754-1, SUSE-SU-2021:0755-1, SUSE-SU-2021:0769-1, SUSE-SU-2021:0793-1, SUSE-SU-2021:0939-1, SUSE-SU-2021:14667-1, SUSE-SU-2021:14670-1, SYMSA17570, USN-4738-1, USN-4745-1, VIGILANCE-VUL-34598
OpenSSL: buffer overflow via EVP_XUpdate
An attacker can trigger a buffer overflow via EVP_XUpdate of OpenSSL, in order to trigger a denial of service, and possibly to run code...
6429603, 6443405, 6445489, CERTFR-2021-AVI-124, CERTFR-2021-AVI-187, cpuapr2021, CVE-2021-23840, DLA-2563-1, DLA-2565-1, DSA-4855-1, openSUSE-SU-2021:0357-1, openSUSE-SU-2021:0372-1, openSUSE-SU-2021:0427-1, openSUSE-SU-2021:0430-1, STORM-2021-002, SUSE-SU-2021:0649-1, SUSE-SU-2021:0651-1, SUSE-SU-2021:0673-1, SUSE-SU-2021:0674-1, SUSE-SU-2021:0725-1, SUSE-SU-2021:0752-1, SUSE-SU-2021:0753-1, SUSE-SU-2021:0754-1, SUSE-SU-2021:0755-1, SUSE-SU-2021:0769-1, SUSE-SU-2021:0793-1, SUSE-SU-2021:0939-1, SUSE-SU-2021:14667-1, SUSE-SU-2021:14670-1, SYMSA17570, USN-4738-1, VIGILANCE-VUL-34597
OpenSSL 1.0.2: read-write access via SSLv2 Rollback Protection Bypass
An attacker can bypass access restrictions via SSLv2 Rollback Protection Bypass of OpenSSL 1.0.2, in order to read or alter data...
6443405, CERTFR-2021-AVI-124, CVE-2021-23839, VIGILANCE-VUL-34596
OpenSSL: information disclosure via DH Pre-master Secret Raccoon
An attacker can bypass access restrictions to data via DH Pre-master Secret Raccoon of OpenSSL, in order to obtain sensitive information...
CERTFR-2020-AVI-565, CVE-2020-1968, DLA-2378-1, K92451315, SUSE-SU-2020:14491-1, SUSE-SU-2020:14511-1, SUSE-SU-2020:2634-1, USN-4504-1, VIGILANCE-VUL-33287
OpenSSL: NULL pointer dereference via SSL_check_chain
An attacker can force a NULL pointer to be dereferenced via SSL_check_chain() of OpenSSL, in order to trigger a denial of service...
6235728, 6409294, bulletinjul2020, CERTFR-2020-AVI-235, cpujul2020, cpuoct2020, CVE-2020-1967, DSA-4661-1, FreeBSD-SA-20:11.openssl, JSA11074, openSUSE-SU-2020:0933-1, openSUSE-SU-2020:0945-1, SUSE-SU-2020:1058-1, SUSE-SU-2020:2041-1, VIGILANCE-VUL-32076
OpenSSL: information disclosure via Montgomery Squaring rsaz_512_sqr Overflow
An attacker can bypass access restrictions to data via Montgomery Squaring rsaz_512_sqr() Overflow of OpenSSL, in order to obtain sensitive information...
6228808, CERTFR-2019-AVI-611, cpujul2020, CVE-2019-1551, DSA-2020-062, DSA-2020-112, DSA-4594-1, DSA-4855-1, JSA11025, JSA11074, openSUSE-SU-2020:0062-1, RHSA-2020:4514-01, SSA:2019-354-01, SSB-439005, SUSE-SU-2020:0002-1, SUSE-SU-2020:0028-1, SUSE-SU-2020:0064-1, SUSE-SU-2020:0069-1, SUSE-SU-2020:0099-1, SUSE-SU-2020:0474-1, SYMSA1768, USN-4376-1, USN-4376-2, USN-4504-1, VIGILANCE-VUL-31088
OpenSSL: information disclosure via PKCS7/CMS Padding Oracle
An attacker can bypass access restrictions to data via PKCS7/CMS Padding Oracle of OpenSSL, in order to obtain sensitive information...
1137844, 1172266, 1172278, 3456663, 5695611, 5695629, 5695653, 5695851, 6199286, 6201879, CERTFR-2019-AVI-444, cpuapr2020, cpuoct2019, CVE-2019-1563, DLA-1932-1, DSA-2019-201, DSA-2020-062, DSA-4539-1, DSA-4539-2, DSA-4539-3, DSA-4540-1, JSA11074, NTAP-20190919-0002, openSUSE-SU-2019:2158-1, openSUSE-SU-2019:2189-1, openSUSE-SU-2019:2268-1, openSUSE-SU-2019:2269-1, RHSA-2020:1840-01, SSA:2019-254-03, STORM-2019-018, SUSE-SU-2019:14171-1, SUSE-SU-2019:14174-1, SUSE-SU-2019:2397-1, SUSE-SU-2019:2403-1, SUSE-SU-2019:2410-1, SUSE-SU-2019:2413-1, SUSE-SU-2019:2504-1, SUSE-SU-2019:2558-1, SUSE-SU-2019:2561-1, SUSE-SU-2020:0099-1, SUSE-SU-2020:2634-1, USN-4376-1, USN-4376-2, USN-4504-1, VIGILANCE-VUL-30293
OpenSSL: information disclosure via Fork Protection Low Random
An attacker can bypass access restrictions to data via Fork Protection Low Random of OpenSSL, in order to obtain sensitive information...
1137844, 1172266, 1172278, 5695611, 5695629, 5695653, 5695851, 6199286, 6201879, CERTFR-2019-AVI-444, cpuapr2020, cpuoct2019, CVE-2019-1549, DSA-4539-1, DSA-4539-2, DSA-4539-3, JSA11074, NTAP-20190919-0002, RHSA-2020:1840-01, SUSE-SU-2020:0099-1, USN-4376-1, USN-4376-2, VIGILANCE-VUL-30292
OpenSSL: information disclosure via ECDSA Falls Back
An attacker can bypass access restrictions to data via ECDSA Falls Back of OpenSSL, in order to obtain sensitive information...
1137844, 1172266, 1172278, 5695611, 5695629, 5695653, 5695851, 6199286, 6201879, CERTFR-2019-AVI-444, cpuapr2020, cpujan2020, cpuoct2019, CVE-2019-1547, DLA-1932-1, DSA-2019-201, DSA-2020-062, DSA-4539-1, DSA-4539-2, DSA-4539-3, DSA-4540-1, JSA11074, NTAP-20190919-0002, NTAP-20200122-0002, openSUSE-SU-2019:2158-1, openSUSE-SU-2019:2189-1, openSUSE-SU-2019:2268-1, openSUSE-SU-2019:2269-1, RHSA-2020:1840-01, SSA:2019-254-03, SUSE-SU-2019:14171-1, SUSE-SU-2019:14174-1, SUSE-SU-2019:2397-1, SUSE-SU-2019:2403-1, SUSE-SU-2019:2410-1, SUSE-SU-2019:2413-1, SUSE-SU-2019:2504-1, SUSE-SU-2019:2558-1, SUSE-SU-2019:2561-1, SUSE-SU-2020:0099-1, USN-4376-1, USN-4376-2, USN-4504-1, VIGILANCE-VUL-30291
OpenSSL Windows: privilege escalation via OPENSSLDIR
An attacker can bypass restrictions via OPENSSLDIR of OpenSSL Windows, in order to escalate his privileges...
1172266, 1172278, 3456663, 5695611, 5695629, 5695653, 5695851, 6199286, 6201879, CERTFR-2019-AVI-362, cpuapr2020, cpuoct2019, CVE-2019-1552, DSA-2020-062, FEDORA-2019-00c25b9379, JSA11074, VIGILANCE-VUL-29914
Our database contains other pages. You can request a free trial to read them.

Display information about OpenSSL: