High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-06	CVE-2019-1543	Use of Insufficiently Random Values vulnerability in Openssl ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. network high complexity openssl CWE-330	7.4
2018-06-12	CVE-2018-0732	Key Management Errors vulnerability in multiple products During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. network low complexity openssl debian canonical nodejs CWE-320	7.5
2017-11-13	CVE-2016-8610	Resource Exhaustion vulnerability in multiple products A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. network low complexity openssl debian redhat netapp paloaltonetworks oracle fujitsu CWE-400	7.5
2017-05-04	CVE-2017-3733	Improper Input Validation vulnerability in multiple products During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 before 1.1.0e to crash (dependent on ciphersuite). network low complexity openssl hp CWE-20	7.5
2017-05-04	CVE-2017-3731	Out-of-bounds Read vulnerability in multiple products If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. network low complexity openssl nodejs CWE-125	7.5
2017-05-04	CVE-2017-3730	NULL Pointer Dereference vulnerability in multiple products In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. network low complexity openssl oracle CWE-476	7.5
2017-05-04	CVE-2016-7054	Improper Access Control vulnerability in Openssl 1.1.0/1.1.0A/1.1.0B In OpenSSL 1.1.0 before 1.1.0c, TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS attack by corrupting larger payloads. network low complexity openssl CWE-284	7.5
2017-05-04	CVE-2016-7053	NULL Pointer Dereference vulnerability in Openssl 1.1.0/1.1.0A/1.1.0B In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS structures can crash with a NULL pointer dereference. network low complexity openssl CWE-476	7.5
2016-09-26	CVE-2016-7052	NULL Pointer Dereference vulnerability in multiple products crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation. network low complexity novell openssl nodejs CWE-476	7.5
2016-09-26	CVE-2016-6305	Improper Input Validation vulnerability in Openssl 1.1.0 The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 before 1.1.0a allows remote attackers to cause a denial of service (infinite loop) by triggering a zero-length record in an SSL_peek call. network low complexity openssl CWE-20	7.5