CVSS: 7.5EPSS: 18%CPEs: 71EXPL: 0CVE-2009-4355 – openssl significant memory leak in certain SSLv3 requests (DoS)
https://notcve.org/view.php?id=CVE-2009-4355
14 Jan 2010 — Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678. Fuga de memoria en la función zlib_stateful_finish en crypto/comp/c_zlib.c en OpenSSL v0.9.8l y anteriores, y v1.0.0 ... • http://cvs.openssl.org/chngview?cn=19068 • CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 9.8EPSS: 11%CPEs: 1EXPL: 2CVE-2009-1379 – OpenSSL 0.9.8k/1.0.0-beta2 - DTLS Remote Memory Exhaustion Denial of Service
https://notcve.org/view.php?id=CVE-2009-1379
19 May 2009 — Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate. Vulnerabilidad de uso después de la liberación en (use-after-free) en la función dtls1_retrieve_buffered_fragment en ssl/d1_both.c en OpenSSL v1.0.0 Beta 2 permite a ataca... • https://www.exploit-db.com/exploits/8720 • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2007-5536
https://notcve.org/view.php?id=CVE-2007-5536
18 Oct 2007 — Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors. Vulnerabilidad sin especificar en el OpenSSL anterior al A.00.09.07l en el HP-UX B.11.11, B.11.23 y B.11.31 permite a usuarios locales provocar una denegación de servicio a través de vectores sin especificar. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01203958 •