| CVE-2021-3712 |
Read buffer overruns processing ASN.1 strings |
| CVE-2022-0778 |
Infinite loop in BN_mod_sqrt() reachable when parsing certificates |
| CVE-2022-4304 |
openssl: Timing Oracle in RSA Decryption |
| CVE-2022-4450 |
openssl: Double free after calling PEM_read_bio_ex |
| CVE-2023-0215 |
openssl: Use-after-free following BIO_new_NDEF |
| CVE-2023-0286 |
openssl: X.400 address type confusion in X.509 GeneralName |
| CVE-2023-0464 |
A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that includ |
| CVE-2023-0465 |
Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain check |
| CVE-2023-0466 |
The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. How |
| CVE-2023-2650 |
openssl Possible DoS translating ASN.1 object identifiers |
| CVE-2023-3446 |
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_ |
| CVE-2023-3817 |
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_ |
| CVE-2023-45236 |
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unaut |
| CVE-2023-45237 |
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unaut |
| CVE-2023-5678 |
Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: |
| CVE-2024-0727 |
Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summa |
| CVE-2024-1298 |
EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A |
| CVE-2024-13176 |
Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summ |
| CVE-2024-2511 |
Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An atta |
| CVE-2024-38796 |
EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An Attacker may cause memory corruption due to an overflow via an adjacent network. |
| CVE-2024-38797 |
EDK2 contains a vulnerability in the HashPeImageByType(). A user may cause a read out of bounds when a corrupted data pointer and length are sent via |
| CVE-2024-38805 |
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vu |
| CVE-2024-4741 |
Use After Free with SSL_free_buffers |
| CVE-2024-5535 |
Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory con |
| CVE-2024-6119 |
Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory |
| CVE-2024-9143 |
Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds mem |
| CVE-2025-2295 |
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vu |
| CVE-2025-3770 |
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vul |
