Количество 33
Количество 33
CVE-2015-3196
ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message.
CVE-2015-3196
ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and ...
CVE-2015-3194
crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter.
CVE-2015-3194
crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter.
CVE-2015-3194
crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter.
CVE-2015-3194
crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before ...
GHSA-wj5w-hq6m-54g7
ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message.
BDU:2016-01655
Уязвимость библиотеки OpenSSL, позволяющая нарушителю вызвать отказ в обслуживании
GHSA-g2vh-4463-xcx8
crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter.
BDU:2016-01653
Уязвимость библиотеки OpenSSL, позволяющая нарушителю вызвать отказ в обслуживании
openSUSE-SU-2016:0640-1
Security update for libopenssl0_9_8
openSUSE-SU-2016:1332-1
Security update for mysql-community-server
SUSE-SU-2019:14246-1
Security update for Mozilla Firefox
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2015-3196 ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message. | CVSS2: 4.3 | 7% Низкий | больше 9 лет назад |
| CVE-2015-3196 ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and ... | CVSS2: 4.3 | 7% Низкий | больше 9 лет назад |
 | CVE-2015-3194 crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter. | CVSS3: 7.5 | 58% Средний | больше 9 лет назад |
 | CVE-2015-3194 crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter. | CVSS2: 5.8 | 58% Средний | больше 9 лет назад |
| CVE-2015-3194 crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter. | CVSS3: 7.5 | 58% Средний | больше 9 лет назад |
| CVE-2015-3194 crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before ... | CVSS3: 7.5 | 58% Средний | больше 9 лет назад |
| GHSA-wj5w-hq6m-54g7 ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message. | 7% Низкий | около 3 лет назад | |
 | BDU:2016-01655 Уязвимость библиотеки OpenSSL, позволяющая нарушителю вызвать отказ в обслуживании | CVSS2: 4.3 | 7% Низкий | больше 9 лет назад |
| GHSA-g2vh-4463-xcx8 crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter. | CVSS3: 7.5 | 58% Средний | около 3 лет назад |
| BDU:2016-01653 Уязвимость библиотеки OpenSSL, позволяющая нарушителю вызвать отказ в обслуживании | CVSS2: 5 | 58% Средний | больше 9 лет назад |
 | openSUSE-SU-2016:0640-1 Security update for libopenssl0_9_8 | больше 9 лет назад | ||
| openSUSE-SU-2016:1332-1 Security update for mysql-community-server | около 9 лет назад | ||
| SUSE-SU-2019:14246-1 Security update for Mozilla Firefox | больше 5 лет назад |
Уязвимостей на страницу