Public OpenSSL bug reports.

Team Bounty Title
OpenSSL (IBB) $500 Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)
OpenSSL (IBB) $500 Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307)
OpenSSL (IBB) $500 Certificate message OOB reads (CVE-2016-6306)
OpenSSL (IBB) $500 OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
OpenSSL (IBB) $500 OOB write in BN_bn2dec() (CVE-2016-2182)
OpenSSL (IBB) $500 Malformed SHA512 ticket DoS (CVE-2016-6302)
OpenSSL (IBB) $500 OOB write in MDC2_Update() (CVE-2016-6303)
OpenSSL (IBB) $2,500 OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
OpenSSL (IBB) $1,000 CVE-2017-3730: Bad (EC)DHE parameters cause a client crash
OpenSSL (IBB) - Remote client memory corruption in ssl_add_clienthello_tlsext()
OpenSSL (IBB) - Double-free in X509 parsing
OpenSSL $500 SSLv2 doesn't block disabled ciphers (CVE-2015-3197)
OpenSSL $2,500 Cross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800)
OpenSSL $500 CVE-2016-2177 Undefined pointer arithmetic in SSL code
OpenSSL $1,000 Bleichenbacher oracle in SSLv2 (CVE-2016-0704)
OpenSSL $2,500 Divide-and-conquer session key recovery in SSLv2 (CVE-2016-0703)
OpenSSL $2,500 Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
OpenSSL $500 EBCDIC overread (CVE-2016-2176)
OpenSSL $500 EVP_EncryptUpdate overflow (CVE-2016-2106)
OpenSSL $500 EVP_EncodeUpdate overflow (CVE-2016-2105)
OpenSSL - Potential double free in EVP_DigestInit_ex
OpenSSL $500 ASN.1 BIO excessive memory allocation (CVE-2016-2109)
OpenSSL $1,000 BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193)
OpenSSL - b2i_PVK_bio heap corruption
OpenSSL $500 BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption (CVE-2016-0797)
OpenSSL $500 CVE-2016-0799 memory issues in BIO_*printf functions
OpenSSL $2,500 OpenSSL Key Recovery Attack on DH small subgroups (CVE-2016-0701)