Vulnerability Database

CVE-2014-0160

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

  • Published: Apr 8, 2014
  • Updated: Apr 13, 2023
  • CVE: CVE-2014-0160
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:P/I:N/A:N

| Software | From | Fixed in |
|---|---|---|
| openssl / openssl | 1.0.1 | 1.0.1g |
| filezilla-project / filezilla_server | - | 0.9.44 |
| siemens / application_processing_engine_firmware | 2.0 | 2.0.x |
| siemens / cp_1543-1_firmware | 1.1 | 1.1.x |
| siemens / simatic_s7-1500_firmware | 1.5 | 1.5.x |
| siemens / simatic_s7-1500t_firmware | 1.5 | 1.5.x |
| siemens / elan-8.2 | - | 8.3.3 |
| siemens / wincc_open_architecture | 3.12 | 3.12.x |
| intellian / v100_firmware | 1.20 | 1.20.x |
| intellian / v100_firmware | 1.21 | 1.21.x |
| intellian / v100_firmware | 1.24 | 1.24.x |
| intellian / v60_firmware | 1.15 | 1.15.x |
| intellian / v60_firmware | 1.25 | 1.25.x |
| mitel / micollab | 6.0 | 6.0.x |
| mitel / micollab | 7.0 | 7.0.x |
| mitel / micollab | 7.1 | 7.1.x |
| mitel / micollab | 7.2 | 7.2.x |
| mitel / micollab | 7.3.0.104 | 7.3.0.104.x |
| mitel / micollab | 7.3 | 7.3.x |
| mitel / mivoice | 1.1.3.3 | 1.1.3.3.x |
| mitel / mivoice | 1.2.0.11 | 1.2.0.11.x |
| mitel / mivoice | 1.3.2.2 | 1.3.2.2.x |
| mitel / mivoice | 1.4.0.102 | 1.4.0.102.x |
| mitel / mivoice | 1.1.2.5 | 1.1.2.5.x |
| opensuse / opensuse | 12.3 | 12.3.x |
| opensuse / opensuse | 13.1 | 13.1.x |
| canonical / ubuntu_linux | 13.10 | 13.10.x |
| canonical / ubuntu_linux | 12.10 | 12.10.x |
| canonical / ubuntu_linux | 12.04 | 12.04.x |
| fedoraproject / fedora | 20 | 20.x |
| fedoraproject / fedora | 19 | 19.x |
| redhat / enterprise_linux_server_eus | 6.5 | 6.5.x |
| redhat / storage | 2.1 | 2.1.x |
| redhat / enterprise_linux_server_aus | 6.5 | 6.5.x |
| redhat / enterprise_linux_server_tus | 6.5 | 6.5.x |
| redhat / enterprise_linux_desktop | 6.0 | 6.0.x |
| redhat / enterprise_linux_server | 6.0 | 6.0.x |
| redhat / enterprise_linux_workstation | 6.0 | 6.0.x |
| redhat / gluster_storage | 2.1 | 2.1.x |
| redhat / virtualization | 6.0 | 6.0.x |
| debian / debian_linux | 8.0 | 8.0.x |
| debian / debian_linux | 7.0 | 7.0.x |
| debian / debian_linux | 6.0 | 6.0.x |
| ricon / s9922l_firmware | 16.10.3(3794) | 16.10.3(3794).x |
| broadcom / symantec_messaging_gateway | 10.6.0 | 10.6.0.x |
| broadcom / symantec_messaging_gateway | 10.6.1 | 10.6.1.x |
| splunk / splunk | 6.0.0 | 6.0.3 |