Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

OpenSSL — Vulnerabilities & Security Advisories 99

Browse all 99 CVE security advisories affecting OpenSSL. AI-powered Chinese analysis, POCs, and references for each vulnerability.

OpenSSL is an open-source toolkit implementing the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, primarily used to encrypt network traffic for web servers, email systems, and other internet services. Its widespread adoption makes it a critical infrastructure component, yet its complexity has historically led to numerous vulnerabilities. Common flaw classes include buffer overflows, memory corruption issues, and logic errors that can facilitate remote code execution or denial of service attacks. Notable incidents, such as the Heartbleed bug, exposed sensitive memory data, highlighting risks associated with complex cryptographic implementations. With approximately 99 recorded CVEs, the project emphasizes rigorous code auditing and timely patching to mitigate these risks. Developers must maintain strict version control and apply updates promptly to ensure secure communications, as unpatched instances remain vulnerable to exploitation by malicious actors seeking to intercept or manipulate data in transit.

Found 98 results / 99Clear Filters
Top products by OpenSSL: OpenSSL OpenSSL extension of Ruby (Git trunk)
Critical2026-04-23
OpenSSL多组件密钥生成及PRNG漏洞分析
HighCVE-2020-317892026-04-08
Avoid possible buffer overflow in buf2hex conversion · openssl/openssl@a91e537 · GitHub
HighCVE-2020-317892026-04-08
Avoid possible buffer overflow in buf2hex conversion · openssl/openssl@7a9087e · GitHub
HighCVE-2020-317892026-04-08
Avoid possible buffer overflow in buf2hex conversion · openssl/openssl@945b935 · GitHub
HighCVE-2020-317892026-04-08
Avoid possible buffer overflow in buf2hex conversion · openssl/openssl@364f095 · GitHub
HighCVE-2020-203902026-04-08
Fix NULL deref in rsa_cms_decrypt · openssl/openssl@2e39b7a · GitHub
High2026-04-08
Fix NULL deref in rsa_cms_decrypt · openssl/openssl@01194a8 · GitHub
MediumCVE-2020-283802026-04-08
Out-of-bounds read in AES-CFB-128 on X86-64 with AVX-512 support · openssl/openssl@61f428a · GitHub
HighCVE-2020-317992026-04-08
rsa_kem: validate RSA_public_encrypt() result in RSASVE · openssl/openssl@eed200f · GitHub
HighCVE-2020-31002026-04-08
rsa_kem: validate RSA_public_encrypt() result in RSASVE · openssl/openssl@abd8b2e · GitHub
HighCVE-2020-197092026-04-08
rsa_kem: validate RSA_public_encrypt() result in RSASVE · openssl/openssl@d5f8e71 · GitHub
HighCVE-2020-317902026-04-08
rsa_kem: validate RSA_public_encrypt() result in RSASVE · openssl/openssl@b922e24 · GitHub
UnknownCVE-2020-283902026-04-08
Fix NULL deref in rsa_cms_decrypt · openssl/openssl@af2a5fe · GitHub
Medium2026-04-08
OpenSSL 4月安全公告:CVE-2026-31790内存泄露及越界读取等漏洞修复
HighCVE-2020-193892026-04-08
Fix NULL deref in [ec]dh_cms_set_shared_info · openssl/openssl@16cea41 · GitHub
HighCVE-2020-193892026-04-08
Fix NULL deref in [ec]dh_cms_set_shared_info · openssl/openssl@c672563 · GitHub
High2026-04-02
[openssl] Don't set openssldir to a potentially-world-writable location. by BillyONeal · Pull Request #50518 · microsoft
UnknownCVE-2025-154672026-01-28
Correct handling of AEAD-encrypted CMS with inadmissibly long IV · openssl/openssl@6ced0fe · GitHub
High2026-01-28
OpenSSL安全公告:CVE-2025-11187/15467/15468漏洞及补丁建议
Low2026-01-28
Check return code of UTF8_putc · openssl/openssl@7e9cac9 · GitHub

Showing up to 20 recent security advisories. View all →

This page lists every published CVE security advisory associated with OpenSSL. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.