Exposição de OpenSSL
Web server extensions169
score de exposição
71.969
sites usam
0
em exploração
8
críticos
CVEs
152 resultadosCVE-2011-4121—The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to be used foEPSS 2.5%CVE-2024-12797MEDIUMRFC7250 handshakes with unauthenticated servers don't abort as expectedEPSS 2.4%CVE-2023-6129MEDIUMPOLY1305 MAC implementation corrupts vector registers on PowerPCEPSS 2.3%CVE-2023-6237MEDIUMExcessive time spent checking invalid RSA public keysEPSS 2.3%CVE-2026-45447HIGHHeap Use-After-Free in the PKCS7_verify() FunctionEPSS 2.3%CVE-2025-9231MEDIUMTiming side-channel in SM2 algorithm on 64 bit ARMEPSS 2.3%CVE-2022-1473HIGHResource leakage when decoding certificates and keysEPSS 2.3%CVE-2020-25644—A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may allow the attackeEPSS 2.2%CVE-2025-9232MEDIUMOut-of-bounds read in HTTP client no_proxy handlingEPSS 2.0%CVE-2022-2097—AES OCB fails to encrypt some bytesEPSS 2.0%CVE-2023-0216HIGHInvalid pointer dereference in d2i_PKCS7 functionsEPSS 1.9%CVE-2023-0217HIGHNULL dereference validating DSA public keyEPSS 1.9%CVE-2023-0401HIGHNULL dereference during PKCS7 data verificationEPSS 1.9%CVE-2025-9230HIGHOut-of-bounds read & write in RFC 3211 KEK UnwrapEPSS 1.8%CVE-2023-0466MEDIUMCertificate policy check not enabledEPSS 1.6%CVE-2016-8517—A cross site scripting vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found.EPSS 1.6%CVE-2023-0465MEDIUMInvalid certificate policies in leaf certificates are silently ignoredEPSS 1.6%CVE-2022-4203MEDIUMX.509 Name Constraints Read Buffer OverflowEPSS 1.5%CVE-2022-3996HIGHX.509 Policy Constraints Double LockingEPSS 1.2%CVE-2019-1547—ECDSA remote timing attackEPSS 1.2%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →