Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

OpenSSL — Vulnerabilities & Security Advisories 104

All 104 CVE vulnerabilities found in OpenSSL, with AI-generated Chinese analysis, references, and POCs.

Vendor: OpenSSL

CVE IDTitleCVSSSeverityPublished
CVE-2022-2274 RSA implementation bug in AVX512IFMA instructions 9.8 -2022-07-01
CVE-2022-2068 The c_rehash script allows command injection 9.8 -2022-06-21
CVE-2022-1473 Resource leakage when decoding certificates and keys 7.5 -2022-05-03
CVE-2022-1434 Incorrect MAC key used in the RC4-MD5 ciphersuite 5.9 -2022-05-03
CVE-2022-1343 OCSP_basic_verify may incorrectly verify the response signing certificate 9.1 -2022-05-03
CVE-2022-1292 The c_rehash script allows command injection 9.8 -2022-05-03
CVE-2022-0778 Infinite loop in BN_mod_sqrt() reachable when parsing certificates 7.5 -2022-03-15
CVE-2021-4160 BN_mod_exp may produce incorrect results on MIPS 5.9 -2022-01-28
CVE-2021-4044 Invalid handling of X509_verify_cert() internal errors in libssl 7.5 -2021-12-14
CVE-2021-3712 Read buffer overruns processing ASN.1 strings 7.4 -2021-08-24
CVE-2021-3711 SM2 Decryption Buffer Overflow 9.8 -2021-08-24
CVE-2021-3449 NULL pointer deref in signature_algorithms processing 5.9 -2021-03-25
CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT 9.1 -2021-03-25
CVE-2021-23841 Null pointer deref in X509_issuer_and_serial_hash() 5.9 -2021-02-16
CVE-2021-23839 Incorrect SSLv2 rollback protection 7.5 -2021-02-16
CVE-2021-23840 Integer overflow in CipherUpdate 7.5 -2021-02-16
CVE-2020-1971 EDIPARTYNAME NULL pointer dereference 5.9 -2020-12-08
CVE-2020-1968 Raccoon attack 5.9 -2020-09-09
CVE-2020-1967 Segmentation fault in SSL_check_chain 7.5 -2020-04-21
CVE-2019-1551 rsaz_512_sqr overflow bug on x86_64 9.1 -2019-12-06
CVE-2019-1547 ECDSA remote timing attack 5.9 -2019-09-10
CVE-2019-1549 Fork Protection 4.0 -2019-09-10
CVE-2019-1563 Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey 3.7 -2019-09-10
CVE-2019-1552 Windows builds with insecure path defaults 5.5 -2019-07-30
CVE-2019-1543 ChaCha20-Poly1305 with long nonces 7.4 -2019-03-06
CVE-2019-1559 0-byte record padding oracle 3.7 -2019-02-27
CVE-2018-0734 Timing attack against DSA 5.9 -2018-10-30
CVE-2018-0735 Timing attack against ECDSA signature generation 7.5 -2018-10-29
CVE-2016-7056 OpenSSL 加密问题漏洞 CWE-385 5.5 -2018-09-10
CVE-2018-0732 Client DoS due to large DH parameter 7.5 -2018-06-12

All 104 known CVE vulnerabilities affecting OpenSSL with full Chinese analysis, references, and POCs where available.