Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu gnutls 1.0.16 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-2531
X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote malicious users to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys.
Gnu Gnutls 1.0.16
NA
CVE-2010-0731
The gnutls_x509_crt_get_serial function in the GnuTLS library prior to 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote malicious users to bypass the certificate re...
Gnu Gnutls 1.1.21
Gnu Gnutls 1.1.20
Gnu Gnutls 1.1.13
Gnu Gnutls 1.0.22
Gnu Gnutls 1.0.24
Gnu Gnutls 1.0.25
Gnu Gnutls 1.1.23
Gnu Gnutls 1.1.22
Gnu Gnutls 1.1.15
Gnu Gnutls 1.1.14
Gnu Gnutls 1.0.16
Gnu Gnutls 1.0.17
Gnu Gnutls
Gnu Gnutls 1.1.17
Gnu Gnutls 1.1.16
Gnu Gnutls 1.0.18
Gnu Gnutls 1.0.19
Gnu Gnutls 1.1.19
Gnu Gnutls 1.1.18
Gnu Gnutls 1.0.23
Gnu Gnutls 1.0.20
Gnu Gnutls 1.0.21
NA
CVE-2006-7239
The _gnutls_x509_oid2mac_algorithm function in lib/gnutls_algorithms.c in GnuTLS prior to 1.4.2 allows remote malicious users to cause a denial of service (crash) via a crafted X.509 certificate that uses a hash algorithm that is not supported by GnuTLS, which triggers a NULL poi...
Gnu Gnutls 1.2.8
Gnu Gnutls 1.1.14
Gnu Gnutls 1.2.11
Gnu Gnutls 1.1.21
Gnu Gnutls 1.0.20
Gnu Gnutls 1.2.5
Gnu Gnutls 1.0.17
Gnu Gnutls 1.2.4
Gnu Gnutls 1.3.1
Gnu Gnutls 1.0.24
Gnu Gnutls 1.0.21
Gnu Gnutls 1.0.16
Gnu Gnutls 1.1.20
Gnu Gnutls 1.2.10
Gnu Gnutls 1.1.22
Gnu Gnutls 1.4.0
Gnu Gnutls 1.3.4
Gnu Gnutls 1.0.19
Gnu Gnutls 1.2.1
Gnu Gnutls 1.1.19
Gnu Gnutls 1.1.18
Gnu Gnutls
NA
CVE-2009-2730
libgnutls in GnuTLS prior to 2.8.2 does not properly handle a '\0' character in a domain name in the subject's (1) Common Name (CN) or (2) Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle malicious users to spoof arbitrar...
Gnu Gnutls 2.6.5
Gnu Gnutls 2.4.2
Gnu Gnutls 2.3.3
Gnu Gnutls 2.3.9
Gnu Gnutls 1.0.18
Gnu Gnutls 1.0.19
Gnu Gnutls 1.1.14
Gnu Gnutls 1.1.15
Gnu Gnutls 1.2.0
Gnu Gnutls 1.2.11
Gnu Gnutls 1.2.6
Gnu Gnutls 1.2.8.1a1
Gnu Gnutls 1.3.4
Gnu Gnutls 1.3.5
Gnu Gnutls 2.2.1
Gnu Gnutls 1.7.12
Gnu Gnutls 2.2.5
Gnu Gnutls 1.7.16
Gnu Gnutls 2.0.3
Gnu Gnutls 1.4.3
Gnu Gnutls 2.0.0
Gnu Gnutls 1.5.2
NA
CVE-2009-1417
gnutls-cli in GnuTLS prior to 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote malicious users to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls...
Gnu Gnutls 1.0.22
Gnu Gnutls 1.0.23
Gnu Gnutls 1.0.24
Gnu Gnutls 1.1.21
Gnu Gnutls 1.1.20
Gnu Gnutls 1.1.15
Gnu Gnutls 1.0.25
Gnu Gnutls 1.2.3
Gnu Gnutls 1.2.2
Gnu Gnutls 1.3.4
Gnu Gnutls 1.2.7
Gnu Gnutls 1.5.0
Gnu Gnutls 1.4.4
Gnu Gnutls 1.6.2
Gnu Gnutls 1.5.5
Gnu Gnutls 1.7.14
Gnu Gnutls 1.7.15
Gnu Gnutls 1.0.18
Gnu Gnutls 1.0.19
Gnu Gnutls 1.1.19
Gnu Gnutls 1.1.16
Gnu Gnutls 1.2.1
NA
CVE-2006-4790
verify.c in GnuTLS prior to 1.4.4, when using an RSA key with exponent 3, does not properly handle excess data in the digestAlgorithm.parameters field when generating a hash, which allows remote malicious users to forge a PKCS #1 v1.5 signature that is signed by that RSA key and ...
Gnu Gnutls 1.0.21
Gnu Gnutls 1.0.22
Gnu Gnutls 1.1.17
Gnu Gnutls 1.1.18
Gnu Gnutls 1.2.10
Gnu Gnutls 1.2.11
Gnu Gnutls 1.2.8
Gnu Gnutls 1.2.8.1a1
Gnu Gnutls 1.3.5
Gnu Gnutls 1.4.0
Gnu Gnutls 1.4.1
Gnu Gnutls 1.0.23
Gnu Gnutls 1.0.24
Gnu Gnutls 1.1.19
Gnu Gnutls 1.1.20
Gnu Gnutls 1.1.21
Gnu Gnutls 1.2.2
Gnu Gnutls 1.0.19
Gnu Gnutls 1.0.20
Gnu Gnutls 1.1.15
Gnu Gnutls 1.1.16
Gnu Gnutls 1.2.0
NA
CVE-2012-1663
Double free vulnerability in libgnutls in GnuTLS prior to 3.0.14 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted certificate list.
Gnu Gnutls 1.1.21
Gnu Gnutls 1.2.10
Gnu Gnutls 1.2.3
Gnu Gnutls 1.2.8
Gnu Gnutls 1.2.9
Gnu Gnutls 1.4.1
Gnu Gnutls 1.0.22
Gnu Gnutls 1.0.16
Gnu Gnutls 2.4.1
Gnu Gnutls 1.1.15
Gnu Gnutls 1.0.24
Gnu Gnutls 1.4.5
Gnu Gnutls 2.10.5
Gnu Gnutls 1.1.13
Gnu Gnutls 1.7.18
Gnu Gnutls 2.0.3
Gnu Gnutls 1.4.3
Gnu Gnutls 1.5.2
Gnu Gnutls 2.1.0
Gnu Gnutls 1.5.5
Gnu Gnutls 2.1.5
Gnu Gnutls 2.1.8
1 EDB exploit
NA
CVE-2012-1569
The asn1_get_length_der function in decoding.c in GNU Libtasn1 prior to 2.12, as used in GnuTLS prior to 3.0.16 and other products, does not properly handle certain large length values, which allows remote malicious users to cause a denial of service (heap memory corruption and a...
Gnu Libtasn1 2.10
Gnu Libtasn1 2.3
Gnu Libtasn1 2.2
Gnu Libtasn1 1.3
Gnu Libtasn1 1.2
Gnu Libtasn1 0.3.6
Gnu Libtasn1 0.3.5
Gnu Libtasn1 0.2.17
Gnu Libtasn1 0.2.16
Gnu Libtasn1 0.2.15
Gnu Libtasn1 0.2.8
Gnu Libtasn1 0.2.7
Gnu Libtasn1 0.2.0
Gnu Libtasn1 0.1.2
Gnu Gnutls 1.0.20
Gnu Gnutls 1.0.21
Gnu Libtasn1 2.5
Gnu Libtasn1 2.4
Gnu Libtasn1 1.5
Gnu Libtasn1 1.4
Gnu Libtasn1 0.3.8
Gnu Libtasn1 0.3.7
NA
CVE-2009-2409
The Network Security Services (NSS) library prior to 3.12.3, as used in Firefox; GnuTLS prior to 2.6.4 and 2.7.4; OpenSSL 0.9.8 up to and including 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote malicious users to spoof certificates by us...
Mozilla Firefox
Mozilla Nss
Mozilla Nss 3.0
Mozilla Nss 3.2
Mozilla Nss 3.2.1
Mozilla Nss 3.3
Mozilla Nss 3.3.1
Mozilla Nss 3.3.2
Mozilla Nss 3.4
Mozilla Nss 3.4.1
Mozilla Nss 3.4.2
Mozilla Nss 3.4.3
Mozilla Nss 3.5
Mozilla Nss 3.6
Mozilla Nss 3.6.1
Mozilla Nss 3.7
Mozilla Nss 3.7.1
Mozilla Nss 3.7.2
Mozilla Nss 3.7.3
Mozilla Nss 3.7.5
Mozilla Nss 3.7.7
Mozilla Nss 3.8
NA
CVE-2006-0645
Tiny ASN.1 Library (libtasn1) prior to 0.2.18, as used by (1) GnuTLS 1.2.x prior to 1.2.10 and 1.3.x prior to 1.3.4, and (2) GNU Shishi, allows malicious users to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by invalid inpu...
Free Software Foundation Inc. Libtasn1 0.2.0
Free Software Foundation Inc. Libtasn1 0.2.1
Free Software Foundation Inc. Libtasn1 0.2.17
Free Software Foundation Inc. Libtasn1 0.2.2
Free Software Foundation Inc. Libtasn1 0.2.9
Free Software Foundation Inc. Libtasn1 0.1.1
Free Software Foundation Inc. Libtasn1 0.1.2
Free Software Foundation Inc. Libtasn1 0.2.14
Free Software Foundation Inc. Libtasn1 0.2.15
Free Software Foundation Inc. Libtasn1 0.2.16
Free Software Foundation Inc. Libtasn1 0.2.7
Free Software Foundation Inc. Libtasn1 0.2.8
Free Software Foundation Inc. Libtasn1 0.2.10
Free Software Foundation Inc. Libtasn1 0.2.11
Free Software Foundation Inc. Libtasn1 0.2.3
Free Software Foundation Inc. Libtasn1 0.2.4
Free Software Foundation Inc. Libtasn1 0.1.0
Free Software Foundation Inc. Libtasn1 0.2.12
Free Software Foundation Inc. Libtasn1 0.2.13
Free Software Foundation Inc. Libtasn1 0.2.5
Free Software Foundation Inc. Libtasn1 0.2.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started