Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu gnutls vulnerabilities and exploits
(subscribe to this query)
5.6
CVSSv3
CVE-2018-16868
A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in som...
Gnu Gnutls
NA
CVE-2015-3308
Double free vulnerability in lib/x509/x509_ext.c in GnuTLS prior to 3.3.14 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point.
Gnu Gnutls
Canonical Ubuntu Linux 15.04
NA
CVE-2015-6251
Double free vulnerability in GnuTLS prior to 3.3.17 and 3.4.x prior to 3.4.4 allows remote malicious users to cause a denial of service via a long DistinguishedName (DN) entry in a certificate.
Gnu Gnutls 3.3.16
Gnu Gnutls 3.3.15
Gnu Gnutls 3.3.8
Gnu Gnutls 3.3.7
Gnu Gnutls 3.3.0
Gnu Gnutls 3.3.12
Gnu Gnutls 3.3.11
Gnu Gnutls 3.3.4
Gnu Gnutls 3.3.3
Gnu Gnutls 3.4.3
Gnu Gnutls 3.3.10
Gnu Gnutls 3.3.9
Gnu Gnutls 3.3.2
Gnu Gnutls 3.3.1
Gnu Gnutls 3.3.14
Gnu Gnutls 3.3.13
Gnu Gnutls 3.3.6
Gnu Gnutls 3.3.5
Gnu Gnutls 3.4.0
Gnu Gnutls 3.4.1
Gnu Gnutls 3.4.2
Debian Debian Linux 8.0
NA
CVE-2014-8155
GnuTLS prior to 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle malicious users to spoof servers via a certificate issued by a CA certificate that is (1) not yet valid or (2) no longer valid.
Gnu Gnutls
NA
CVE-2014-1959
lib/x509/verify.c in GnuTLS prior to 3.1.21 and 3.2.x prior to 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote malicious users to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates.
Gnu Gnutls 3.1.12
Gnu Gnutls 3.1.13
Gnu Gnutls 3.1.14
Gnu Gnutls 3.1.6
Gnu Gnutls 3.1.7
Gnu Gnutls 3.1.15
Gnu Gnutls 3.1.16
Gnu Gnutls 3.1.8
Gnu Gnutls 3.1.9
Gnu Gnutls 3.1.10
Gnu Gnutls 3.1.11
Gnu Gnutls 3.1.4
Gnu Gnutls 3.1.5
Gnu Gnutls 3.1.18
Gnu Gnutls 3.1.17
Gnu Gnutls 3.1.0
Gnu Gnutls 3.1.1
Gnu Gnutls 3.1.2
Gnu Gnutls 3.1.3
Gnu Gnutls
Gnu Gnutls 3.1.19
Gnu Gnutls 3.2.7
NA
CVE-2009-5138
GnuTLS prior to 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag is not enabled, treats version 1 X.509 certificates as intermediate CAs, which allows remote malicious users to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new...
Gnu Gnutls 2.7.3
Gnu Gnutls 2.7.2
Gnu Gnutls 2.7.4
Gnu Gnutls 2.7.1
Gnu Gnutls 2.7.0
Gnu Gnutls
NA
CVE-2013-4466
Buffer overflow in the dane_query_tlsa function in the DANE library (libdane) in GnuTLS 3.1.x prior to 3.1.15 and 3.2.x prior to 3.2.5 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries.
Gnu Gnutls 3.1.2
Gnu Gnutls 3.1.3
Gnu Gnutls 3.1.4
Gnu Gnutls 3.1.5
Gnu Gnutls 3.2.0
Gnu Gnutls 3.2.2
Gnu Gnutls 3.1.13
Gnu Gnutls 3.1.0
Gnu Gnutls 3.1.7
Gnu Gnutls 3.2.1
Gnu Gnutls 3.2.3
Gnu Gnutls 3.1.12
Gnu Gnutls 3.1.14
Gnu Gnutls 3.1.1
Gnu Gnutls 3.1.6
Gnu Gnutls 3.1.8
Gnu Gnutls 3.2.4
Gnu Gnutls 3.1.9
Gnu Gnutls 3.1.10
Gnu Gnutls 3.1.11
NA
CVE-2013-4487
Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in GnuTLS 3.1.x prior to 3.1.16 and 3.2.x prior to 3.2.6 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries. NOTE: this issue is due to an incom...
Gnu Gnutls 3.2.4
Gnu Gnutls 3.2.5
Gnu Gnutls 3.2.1
Gnu Gnutls 3.2.3
Gnu Gnutls 3.2.0
Gnu Gnutls 3.2.2
Gnu Gnutls 3.1.13
Gnu Gnutls 3.1.14
Gnu Gnutls 3.1.15
Gnu Gnutls 3.1.2
Gnu Gnutls 3.1.0
Gnu Gnutls 3.1.7
Gnu Gnutls 3.1.8
Gnu Gnutls 3.1.9
Gnu Gnutls 3.1.1
Gnu Gnutls 3.1.11
Gnu Gnutls 3.1.4
Gnu Gnutls 3.1.6
Gnu Gnutls 3.1.10
Gnu Gnutls 3.1.12
Gnu Gnutls 3.1.3
Gnu Gnutls 3.1.5
NA
CVE-2013-1619
The TLS implementation in GnuTLS prior to 2.12.23, 3.0.x prior to 3.0.28, and 3.1.x prior to 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote malicious users to c...
Gnu Gnutls 2.12.2
Gnu Gnutls 2.12.3
Gnu Gnutls 2.6.4
Gnu Gnutls 2.6.5
Gnu Gnutls 2.6.1
Gnu Gnutls 2.12.17
Gnu Gnutls 2.12.9
Gnu Gnutls 2.12.10
Gnu Gnutls 2.8.4
Gnu Gnutls 2.8.5
Gnu Gnutls 2.10.5
Gnu Gnutls 2.12.4
Gnu Gnutls 2.12.5
Gnu Gnutls 2.4.2
Gnu Gnutls 2.4.1
Gnu Gnutls 2.7.4
Gnu Gnutls 2.12.15
Gnu Gnutls 2.3.11
Gnu Gnutls 2.12.11
Gnu Gnutls 2.12.12
Gnu Gnutls 2.8.6
Gnu Gnutls 2.10.0
NA
CVE-2012-1569
The asn1_get_length_der function in decoding.c in GNU Libtasn1 prior to 2.12, as used in GnuTLS prior to 3.0.16 and other products, does not properly handle certain large length values, which allows remote malicious users to cause a denial of service (heap memory corruption and a...
Gnu Libtasn1 2.10
Gnu Libtasn1 2.3
Gnu Libtasn1 2.2
Gnu Libtasn1 1.3
Gnu Libtasn1 1.2
Gnu Libtasn1 0.3.6
Gnu Libtasn1 0.3.5
Gnu Libtasn1 0.2.17
Gnu Libtasn1 0.2.16
Gnu Libtasn1 0.2.15
Gnu Libtasn1 0.2.8
Gnu Libtasn1 0.2.7
Gnu Libtasn1 0.2.0
Gnu Libtasn1 0.1.2
Gnu Gnutls 1.0.20
Gnu Gnutls 1.0.21
Gnu Libtasn1 2.5
Gnu Libtasn1 2.4
Gnu Libtasn1 1.5
Gnu Libtasn1 1.4
Gnu Libtasn1 0.3.8
Gnu Libtasn1 0.3.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »