This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:openssl:openssl:1.0.2
Detail
VendorOpensslFirst view 2015-03-19
ProductOpensslLast view2019-02-27
Version1.0.2TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:openssl:openssl

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32019-02-27CVE-2019-1559NetworkMediumNone Requ...
1.92018-11-15CVE-2018-5407LocalMediumNone Requ...
4.32018-10-30CVE-2018-0734NetworkMediumNone Requ...
52018-06-12CVE-2018-0732NetworkLowNone Requ...
4.32017-12-07CVE-2017-3738NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
42017-11-02CVE-2017-3736NetworkLowRequires ...
52017-08-28CVE-2017-3735NetworkLowNone Requ...
4.32017-05-04CVE-2017-3732NetworkMediumNone Requ...
52017-05-04CVE-2017-3731NetworkLowNone Requ...
2.62017-05-04CVE-2016-7055NetworkHighNone Requ...
4.32016-09-26CVE-2016-6306NetworkMediumNone Requ...
7.82016-09-26CVE-2016-6304NetworkLowNone Requ...
7.52016-09-16CVE-2016-6303NetworkLowNone Requ...
52016-09-16CVE-2016-6302NetworkLowNone Requ...
7.52016-09-16CVE-2016-2182NetworkLowNone Requ...
52016-09-16CVE-2016-2181NetworkLowNone Requ...
52016-09-16CVE-2016-2179NetworkLowNone Requ...
52016-07-31CVE-2016-2180NetworkLowNone Requ...
2.12016-06-19CVE-2016-2178LocalLowNone Requ...
7.52016-06-19CVE-2016-2177NetworkLowNone Requ...
6.42016-05-04CVE-2016-2176NetworkLowNone Requ...
7.82016-05-04CVE-2016-2109NetworkLowNone Requ...
102016-05-04CVE-2016-2108NetworkLowNone Requ...
2.62016-05-04CVE-2016-2107NetworkHighNone Requ...

CWE : Common Weakness Enumeration

%idName
29% (15)CWE-200Information Exposure
11% (6)CWE-399Resource Management Errors
11% (6)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
7% (4)CWE-310Cryptographic Issues
7% (4)CWE-189Numeric Errors
Hide | Show 7 More...
%idName
5% (3)CWE-320Key Management Errors
5% (3)CWE-125Out-of-bounds Read
5% (3)CWE-20Improper Input Validation
5% (3)CWE-17Code
3% (2)CWE-787Out-of-bounds Write
1% (1)CWE-362Race Condition
1% (1)CWE-190Integer Overflow or Wraparound

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:29160USN-2639-1 -- openssl vulnerabilities
oval:org.mitre.oval:def:28583USN-2639-1 -- openssl vulnerabilities
oval:org.mitre.oval:def:29435AIX OpenSSL CMS Code vulnerability
oval:org.mitre.oval:def:29466HP-UX OpenSSL Vulnerability (CMS verify infinite loop with unknown hash funct...
oval:org.mitre.oval:def:29305AIX OpenSSL X509_cmp_time vulnerability
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:29191HP-UX OpenSSL Vulnerability (Exploitable out-of-bounds read in X509_cmp_time)
oval:org.mitre.oval:def:28833AIX OpenSSL Denial of Service (invalid read operation and application crash)
oval:org.mitre.oval:def:28933Potential security vulnerabilities have been identified with HP-UX running Op...
oval:org.mitre.oval:def:28785AIX OpenSSL Denial of Service (NULL pointer dereference and application crash)
oval:org.mitre.oval:def:28799Potential security vulnerabilities have been identified with HP-UX running Op...
oval:org.mitre.oval:def:28868AIX OpenSSL Denial of Service (assertion failure and daemon exit)
oval:org.mitre.oval:def:28849Potential security vulnerabilities have been identified with HP-UX running Op...
oval:org.mitre.oval:def:28514RHSA-2015:0800 -- openssl security update (Moderate)
oval:org.mitre.oval:def:29344AIX OpenSSL binary polynomial field vulnerability
oval:org.mitre.oval:def:29224HP-UX OpenSSL Vulnerability (Malformed ECParameters causes infinite loop)
oval:org.mitre.oval:def:28795AIX OpenSSL Denial of Service (memory corruption and application crash)
oval:org.mitre.oval:def:28557Potential security vulnerabilities have been identified with HP-UX running Op...
oval:org.mitre.oval:def:29017AIX OpenSSL PKCS#7 parsing code vulnerability
oval:org.mitre.oval:def:29229HP-UX OpenSSL Vulnerability (PKCS7 crash with missing EnvelopedContent)
oval:org.mitre.oval:def:28541AIX OpenSSL Denial of Service (invalid write operation and memory corruption)
oval:org.mitre.oval:def:28791Potential security vulnerabilities have been identified with HP-UX running Op...
oval:org.mitre.oval:def:28671AIX OpenSSL Denial of Service (NULL pointer dereference and application crash)
oval:org.mitre.oval:def:28477Potential security vulnerabilities have been identified with HP-UX running Op...
oval:org.mitre.oval:def:28506AIX OpenSSL NewSessionTicket vulnerability
oval:org.mitre.oval:def:29239HP-UX OpenSSL Vulnerability (Race condition handling NewSessionTicket)

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-A-0222Multiple Security Vulnerabilities in Apple iOS
Severity : Category I - VMSKEY : V0061471
2015-A-0199Multiple Vulnerabilities in Apple Mac OS X
Severity : Category I - VMSKEY : V0061337
2015-A-0154Multiple Vulnerabilities in Oracle Fusion Middleware
Severity : Category I - VMSKEY : V0061081
2015-A-0160Multiple Vulnerabilities in Oracle Linux and Virtualization
Severity : Category I - VMSKEY : V0061123
2015-A-0135Multiple Vulnerabilities in Blue Coat ProxySG
Severity : Category I - VMSKEY : V0060997

Snort® IPS/IDS

DateDescription
2018-05-24X.509 IPAddressFamily extension buffer overread attempt
RuleID : 46418 - Type : SERVER-OTHER - Revision : 2
2018-05-24X.509 IPAddressFamily extension buffer overread attempt
RuleID : 46417 - Type : SERVER-OTHER - Revision : 2
2017-10-19Open SSL 1.0.2 DoS attempt with an invalid signature algorithm
RuleID : 44375 - Type : SERVER-OTHER - Revision : 2
2017-10-19Open SSL 1.0.2 DoS attempt with an invalid hash algorithm
RuleID : 44374 - Type : SERVER-OTHER - Revision : 2
2016-11-08OpenSSL OCSP Status Request Extension denial of service attempt
RuleID : 40360 - Type : SERVER-OTHER - Revision : 3
Hide | Show 11 More...
DateDescription
2016-04-05SSLv2 Client Hello attempt
RuleID : 38060 - Type : POLICY-OTHER - Revision : 3
2016-03-14OpenSSL invalid RSASSA-PSS certificate denial of service attempt
RuleID : 37155 - Type : SERVER-OTHER - Revision : 2
2016-03-14OpenSSL invalid RSASSA-PSS certificate denial of service attempt
RuleID : 37154 - Type : SERVER-OTHER - Revision : 2
2015-07-28OpenSSL invalid PSS parameter denial of service attempt
RuleID : 34956 - Type : SERVER-OTHER - Revision : 2
2015-07-28OpenSSL invalid PSS parameter denial of service attempt
RuleID : 34955 - Type : SERVER-OTHER - Revision : 2
2015-07-28OpenSSL invalid PSS parameter denial of service attempt
RuleID : 34954 - Type : SERVER-OTHER - Revision : 2
2015-07-28OpenSSL invalid PSS parameter denial of service attempt
RuleID : 34953 - Type : SERVER-OTHER - Revision : 2
2015-07-28OpenSSL invalid PSS parameter denial of service attempt
RuleID : 34952 - Type : SERVER-OTHER - Revision : 2
2015-07-19OpenSSL denial-of-service via crafted x.509 certificate attempt
RuleID : 34889 - Type : SERVER-OTHER - Revision : 3
2015-07-08OpenSSL zero-length ClientKeyExchange message denial of service attempt
RuleID : 34649 - Type : SERVER-OTHER - Revision : 2
2015-06-30OpenSSL handshake with potentially unseeded PRNG information disclosure attempt
RuleID : 34595 - Type : SERVER-OTHER - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2019-01-18Name : The remote Fedora host is missing a security update.
File : fedora_2019-a8ffcff7ee.nasl - Type : ACT_GATHER_INFO
2019-01-17Name : The remote database server is affected by multiple vulnerabilities.
File : mysql_5_6_43.nasl - Type : ACT_GATHER_INFO
2019-01-17Name : The remote database server is affected by multiple vulnerabilities.
File : mysql_5_7_25.nasl - Type : ACT_GATHER_INFO
2019-01-17Name : The remote database server is affected by multiple vulnerabilities.
File : mysql_8_0_14.nasl - Type : ACT_GATHER_INFO
2019-01-11Name : The remote device is missing a vendor-supplied security patch.
File : juniper_jsa10919.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2019-01-08Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2019-1009.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-520e4c5b4e.nasl - Type : ACT_GATHER_INFO
2019-01-02Name : Tenable Nessus running on the remote host is affected by multiple vulnerabili...
File : nessus_tns_2018_16.nasl - Type : ACT_GATHER_INFO
2019-01-02Name : Tenable Nessus running on the remote host is affected by multiple vulnerabili...
File : nessus_tns_2018_17.nasl - Type : ACT_GATHER_INFO
2018-12-28Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1420.nasl - Type : ACT_GATHER_INFO
2018-12-28Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2018-1434.nasl - Type : ACT_GATHER_INFO
2018-12-28Name : Node.js - JavaScript run-time environment is affected by multiple vulnerabili...
File : nodejs_2018_nov.nasl - Type : ACT_GATHER_INFO
2018-12-20Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4355.nasl - Type : ACT_GATHER_INFO
2018-12-10Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1392.nasl - Type : ACT_GATHER_INFO
2018-12-10Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_2a86f45afc3c11e8a41400155d006b02.nasl - Type : ACT_GATHER_INFO
2018-12-07Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1102.nasl - Type : ACT_GATHER_INFO
2018-12-01Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4348.nasl - Type : ACT_GATHER_INFO
2018-11-23Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2018-325-01.nasl - Type : ACT_GATHER_INFO
2018-11-23Name : The remote Debian host is missing a security update.
File : debian_DLA-1586.nasl - Type : ACT_GATHER_INFO
2018-11-16Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2018-3221.nasl - Type : ACT_GATHER_INFO
2018-11-14Name : Node.js - JavaScript run-time environment is affected by multiple vulnerabili...
File : nodejs_2018_aug.nasl - Type : ACT_GATHER_INFO
2018-11-13Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_6f170cf2e6b711e8a9a8b499baebfeaf.nasl - Type : ACT_GATHER_INFO
2018-11-09Name : The remote Amazon Linux 2 host is missing a security update.
File : al2_ALAS-2018-1102.nasl - Type : ACT_GATHER_INFO
2018-11-09Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201811-03.nasl - Type : ACT_GATHER_INFO
2018-11-02Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1098.nasl - Type : ACT_GATHER_INFO