OpenSSL — Vulnerabilities & Security Advisories 104

All 104 CVE vulnerabilities found in OpenSSL, with AI-generated Chinese analysis, references, and POCs.

Vendor: OpenSSL

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-5535 | SSL_select_next_proto buffer overread CWE-125 | 9.1 (AI) | Critical (AI) | 2024-06-27 |
| CVE-2024-4603 | Excessive time spent checking DSA keys and parameters CWE-606 | 7.5 (AI) | High (AI) | 2024-05-16 |
| CVE-2023-6237 | Excessive time spent checking invalid RSA public keys CWE-606 | 7.5 | - | 2024-04-25 |
| CVE-2024-2511 | Unbounded memory growth with session handling in TLSv1.3 CWE-1325 | 7.5 (AI) | High (AI) | 2024-04-08 |
| CVE-2024-0727 | PKCS12 Decoding crashes CWE-476 | 6.5 | - | 2024-01-26 |
| CVE-2023-6129 | POLY1305 MAC implementation corrupts vector registers on PowerPC CWE-440 | 9.8 (AI) | Critical (AI) | 2024-01-09 |
| CVE-2023-5678 | Excessive time spent in DH check / generation with large Q parameter value CWE-606 | 5.3 | - | 2023-11-06 |
| CVE-2023-5363 | Incorrect cipher key & IV length processing CWE-684 | 5.3 | - | 2023-10-24 |
| CVE-2023-4807 | POLY1305 MAC implementation corrupts XMM registers on Windows CWE-440 | 9.8 | - | 2023-09-08 |
| CVE-2023-3817 | Excessive time spent checking DH q parameter value CWE-606 | 7.5 | - | 2023-07-31 |
| CVE-2023-3446 | Excessive time spent checking DH keys and parameters CWE-606 | 7.5 | - | 2023-07-19 |
| CVE-2023-2975 | AES-SIV implementation ignores empty associated data entries CWE-354 | 7.5 | - | 2023-07-14 |
| CVE-2023-2650 | Possible DoS translating ASN.1 object identifiers | 7.5 | - | 2023-05-30 |
| CVE-2023-1255 | Input buffer over-read in AES-XTS implementation on 64 bit ARM | 7.5 | - | 2023-04-20 |
| CVE-2023-0466 | Certificate policy check not enabled | 5.3 | - | 2023-03-28 |
| CVE-2023-0465 | Invalid certificate policies in leaf certificates are silently ignored | 6.5 | - | 2023-03-28 |
| CVE-2023-0464 | Excessive Resource Usage Verifying X.509 Policy Constraints | 7.5 | - | 2023-03-22 |
| CVE-2022-4203 | X.509 Name Constraints Read Buffer Overflow | 4.9 | - | 2023-02-24 |
| CVE-2022-4304 | Timing Oracle in RSA Decryption | 5.9 | - | 2023-02-08 |
| CVE-2022-4450 | Double free after calling PEM_read_bio_ex | 7.5 | - | 2023-02-08 |
| CVE-2023-0215 | Use-after-free following BIO_new_NDEF | 9.1 | - | 2023-02-08 |
| CVE-2023-0216 | Invalid pointer dereference in d2i_PKCS7 functions | 7.5 | - | 2023-02-08 |
| CVE-2023-0217 | NULL dereference validating DSA public key | 7.5 | - | 2023-02-08 |
| CVE-2023-0286 | X.400 address type confusion in X.509 GeneralName | 9.1 | - | 2023-02-08 |
| CVE-2023-0401 | NULL dereference during PKCS7 data verification | 7.5 | - | 2023-02-08 |
| CVE-2022-3996 | X.509 Policy Constraints Double Locking CWE-667 | 7.5 | - | 2022-12-13 |
| CVE-2022-3602 | X.509 Email Address 4-byte Buffer Overflow | 9.1 | - | 2022-11-01 |
| CVE-2022-3786 | X.509 Email Address Variable Length Buffer Overflow | 7.5 | - | 2022-11-01 |
| CVE-2022-3358 | Using a Custom Cipher with NID_undef may lead to NULL encryption | 7.5 | - | 2022-10-11 |
| CVE-2022-2097 | AES OCB fails to encrypt some bytes | 5.3 | - | 2022-07-05 |
