Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu gnutls vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1415
lib/pk-libgcrypt.c in libgnutls in GnuTLS prior to 2.6.6 does not properly handle invalid DSA signatures, which allows remote malicious users to cause a denial of service (application crash) and possibly have unspecified other impact via a malformed DSA key that triggers a (1) fr...
Gnu Gnutls
1 EDB exploit
NA
CVE-2009-1417
gnutls-cli in GnuTLS prior to 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote malicious users to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls...
Gnu Gnutls 1.0.22
Gnu Gnutls 1.0.23
Gnu Gnutls 1.0.24
Gnu Gnutls 1.1.21
Gnu Gnutls 1.1.20
Gnu Gnutls 1.1.15
Gnu Gnutls 1.0.25
Gnu Gnutls 1.2.3
Gnu Gnutls 1.2.2
Gnu Gnutls 1.3.4
Gnu Gnutls 1.2.7
Gnu Gnutls 1.5.0
Gnu Gnutls 1.4.4
Gnu Gnutls 1.6.2
Gnu Gnutls 1.5.5
Gnu Gnutls 1.7.14
Gnu Gnutls 1.7.15
Gnu Gnutls 1.0.18
Gnu Gnutls 1.0.19
Gnu Gnutls 1.1.19
Gnu Gnutls 1.1.16
Gnu Gnutls 1.2.1
NA
CVE-2008-2377
Use-after-free vulnerability in the _gnutls_handshake_hash_buffers_clear function in lib/gnutls_handshake.c in libgnutls in GnuTLS 2.3.5 up to and including 2.4.0 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via TLS transmi...
Gnu Gnutls 2.3.7
Gnu Gnutls 2.3.8
Gnu Gnutls 2.3.9
Gnu Gnutls 2.4.0
Gnu Gnutls 2.3.5
Gnu Gnutls 2.3.6
NA
CVE-2008-1948
The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in GnuTLS prior to 2.2.4 does not properly calculate the number of Server Names in a TLS 1.0 Client Hello message during extension handling, which allows remote malicious users to ca...
Gnu Gnutls 2.3.5
Gnu Gnutls 1.6.0
Gnu Gnutls 2.0.0
Gnu Gnutls 1.5.0
Gnu Gnutls 1.2.8
Gnu Gnutls 1.1.14
Gnu Gnutls 2.3.4
Gnu Gnutls 1.7.3
Gnu Gnutls 1.4.1
Gnu Gnutls 1.4.3
Gnu Gnutls 1.2.11
Gnu Gnutls 1.1.21
Gnu Gnutls 1.7.5
Gnu Gnutls 1.7.11
Gnu Gnutls 1.0.20
Gnu Gnutls 1.2.5
Gnu Gnutls 2.2.4
Gnu Gnutls 1.2.4
Gnu Gnutls 1.3.1
Gnu Gnutls 1.0.24
Gnu Gnutls 1.7.15
Gnu Gnutls 1.6.1
NA
CVE-2008-1949
The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS prior to 2.2.4 continues to process Client Hello messages within a TLS message after one has already been processed, which allows remote malicious users to cause a denial of servi...
Gnu Gnutls 2.3.5
Gnu Gnutls 1.6.0
Gnu Gnutls 2.0.0
Gnu Gnutls 1.5.0
Gnu Gnutls 1.2.8
Gnu Gnutls 1.1.14
Gnu Gnutls 2.3.4
Gnu Gnutls 1.7.3
Gnu Gnutls 1.4.1
Gnu Gnutls 1.4.3
Gnu Gnutls 1.2.11
Gnu Gnutls 1.1.21
Gnu Gnutls 1.7.5
Gnu Gnutls 1.7.11
Gnu Gnutls 1.0.20
Gnu Gnutls 1.2.5
Gnu Gnutls 2.2.4
Gnu Gnutls 1.2.4
Gnu Gnutls 1.3.1
Gnu Gnutls 1.0.24
Gnu Gnutls 1.7.15
Gnu Gnutls 1.6.1
NA
CVE-2008-1950
Integer signedness error in the _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in libgnutls in GnuTLS prior to 2.2.4 allows remote malicious users to cause a denial of service (buffer over-read and crash) via a certain integer value in the Random field in an encryp...
Gnu Gnutls 2.3.5
Gnu Gnutls 1.6.0
Gnu Gnutls 2.0.0
Gnu Gnutls 1.5.0
Gnu Gnutls 1.2.8
Gnu Gnutls 1.1.14
Gnu Gnutls 2.3.4
Gnu Gnutls 1.7.3
Gnu Gnutls 1.4.1
Gnu Gnutls 1.4.3
Gnu Gnutls 1.2.11
Gnu Gnutls 1.1.21
Gnu Gnutls 1.7.5
Gnu Gnutls 1.7.11
Gnu Gnutls 1.0.20
Gnu Gnutls 1.2.5
Gnu Gnutls 2.2.4
Gnu Gnutls 1.2.4
Gnu Gnutls 1.3.1
Gnu Gnutls 1.0.24
Gnu Gnutls 1.7.15
Gnu Gnutls 1.6.1
NA
CVE-2006-4790
verify.c in GnuTLS prior to 1.4.4, when using an RSA key with exponent 3, does not properly handle excess data in the digestAlgorithm.parameters field when generating a hash, which allows remote malicious users to forge a PKCS #1 v1.5 signature that is signed by that RSA key and ...
Gnu Gnutls 1.0.21
Gnu Gnutls 1.0.22
Gnu Gnutls 1.1.17
Gnu Gnutls 1.1.18
Gnu Gnutls 1.2.10
Gnu Gnutls 1.2.11
Gnu Gnutls 1.2.8
Gnu Gnutls 1.2.8.1a1
Gnu Gnutls 1.3.5
Gnu Gnutls 1.4.0
Gnu Gnutls 1.4.1
Gnu Gnutls 1.0.23
Gnu Gnutls 1.0.24
Gnu Gnutls 1.1.19
Gnu Gnutls 1.1.20
Gnu Gnutls 1.1.21
Gnu Gnutls 1.2.2
Gnu Gnutls 1.0.19
Gnu Gnutls 1.0.20
Gnu Gnutls 1.1.15
Gnu Gnutls 1.1.16
Gnu Gnutls 1.2.0
NA
CVE-2006-0645
Tiny ASN.1 Library (libtasn1) prior to 0.2.18, as used by (1) GnuTLS 1.2.x prior to 1.2.10 and 1.3.x prior to 1.3.4, and (2) GNU Shishi, allows malicious users to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by invalid inpu...
Free Software Foundation Inc. Libtasn1 0.2.0
Free Software Foundation Inc. Libtasn1 0.2.1
Free Software Foundation Inc. Libtasn1 0.2.17
Free Software Foundation Inc. Libtasn1 0.2.2
Free Software Foundation Inc. Libtasn1 0.2.9
Free Software Foundation Inc. Libtasn1 0.1.1
Free Software Foundation Inc. Libtasn1 0.1.2
Free Software Foundation Inc. Libtasn1 0.2.14
Free Software Foundation Inc. Libtasn1 0.2.15
Free Software Foundation Inc. Libtasn1 0.2.16
Free Software Foundation Inc. Libtasn1 0.2.7
Free Software Foundation Inc. Libtasn1 0.2.8
Free Software Foundation Inc. Libtasn1 0.2.10
Free Software Foundation Inc. Libtasn1 0.2.11
Free Software Foundation Inc. Libtasn1 0.2.3
Free Software Foundation Inc. Libtasn1 0.2.4
Free Software Foundation Inc. Libtasn1 0.1.0
Free Software Foundation Inc. Libtasn1 0.2.12
Free Software Foundation Inc. Libtasn1 0.2.13
Free Software Foundation Inc. Libtasn1 0.2.5
Free Software Foundation Inc. Libtasn1 0.2.6
NA
CVE-2005-1431
The "record packet parsing" in GnuTLS 1.2 prior to 1.2.3 and 1.0 prior to 1.0.25 allows remote malicious users to cause a denial of service, possibly related to padding bytes in gnutils_cipher.c.
Gnu Gnutls 1.0.23
Gnu Gnutls 1.0.24
Gnu Gnutls 1.2.0
Gnu Gnutls 1.0.19
Gnu Gnutls 1.0.20
Gnu Gnutls 1.0.18
Gnu Gnutls 1.2.1
Gnu Gnutls 1.2.2
Gnu Gnutls 1.0.21
Gnu Gnutls 1.0.22
NA
CVE-2004-2531
X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote malicious users to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys.
Gnu Gnutls 1.0.16
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-35229
privilege escalation
local users
CVE-2024-5405
CVE-2024-27842
CVE-2024-5274
CVE-2024-5378
CVE-2024-34152
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5