Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu gnutls 2.6.2 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-2509
A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.
Gnu Gnutls
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Github repositories
NA
CVE-2013-1619
The TLS implementation in GnuTLS prior to 2.12.23, 3.0.x prior to 3.0.28, and 3.1.x prior to 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote malicious users to c...
Gnu Gnutls 2.12.15
Gnu Gnutls 2.3.5
Gnu Gnutls 2.10.2
Gnu Gnutls 2.0.0
Gnu Gnutls 2.8.3
Gnu Gnutls 2.3.4
Gnu Gnutls 2.12.2
Gnu Gnutls 2.7.4
Gnu Gnutls 2.6.1
Gnu Gnutls 2.2.4
Gnu Gnutls 2.12.22
Gnu Gnutls 2.1.0
Gnu Gnutls 2.3.1
Gnu Gnutls 2.12.7
Gnu Gnutls 2.12.5
Gnu Gnutls 2.2.5
Gnu Gnutls 2.1.1
Gnu Gnutls 2.3.8
Gnu Gnutls 2.8.5
Gnu Gnutls 2.12.16
Gnu Gnutls 2.1.7
Gnu Gnutls 2.10.4
NA
CVE-2012-1569
The asn1_get_length_der function in decoding.c in GNU Libtasn1 prior to 2.12, as used in GnuTLS prior to 3.0.16 and other products, does not properly handle certain large length values, which allows remote malicious users to cause a denial of service (heap memory corruption and a...
Gnu Gnutls 2.3.5
Gnu Gnutls 1.6.0
Gnu Gnutls 2.10.2
Gnu Gnutls 3.0.12
Gnu Gnutls 2.0.0
Gnu Gnutls 1.5.0
Gnu Gnutls 1.2.8
Gnu Gnutls 2.8.3
Gnu Gnutls 1.1.14
Gnu Libtasn1 1.0
Gnu Libtasn1 2.4
Gnu Gnutls 2.3.4
Gnu Libtasn1 0.2.17
Gnu Libtasn1 0.3.9
Gnu Gnutls 1.7.3
Gnu Gnutls 3.0.3
Gnu Gnutls 2.12.2
Gnu Libtasn1 2.6
Gnu Libtasn1 0.3.3
Gnu Gnutls 2.7.4
Gnu Gnutls 3.0.9
Gnu Gnutls 1.4.1
NA
CVE-2012-1573
gnutls_cipher.c in libgnutls in GnuTLS prior to 2.12.17 and 3.x prior to 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote malicious users to cause a denial of service (heap memory corruption and application crash) via a crafted record, as de...
Gnu Gnutls 2.12.15
Gnu Gnutls 2.3.5
Gnu Gnutls 2.10.2
Gnu Gnutls 2.0.0
Gnu Gnutls 2.8.3
Gnu Gnutls 2.3.4
Gnu Gnutls 2.12.2
Gnu Gnutls 2.7.4
Gnu Gnutls 2.6.1
Gnu Gnutls 2.2.4
Gnu Gnutls 2.1.0
Gnu Gnutls 2.3.1
Gnu Gnutls 2.12.7
Gnu Gnutls 2.12.5
Gnu Gnutls 2.2.5
Gnu Gnutls 2.1.1
Gnu Gnutls 2.3.8
Gnu Gnutls 2.8.5
Gnu Gnutls 2.1.7
Gnu Gnutls 2.10.4
Gnu Gnutls 2.1.4
Gnu Gnutls 2.6.0
NA
CVE-2012-1663
Double free vulnerability in libgnutls in GnuTLS prior to 3.0.14 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted certificate list.
Gnu Gnutls 2.3.5
Gnu Gnutls 1.6.0
Gnu Gnutls 2.10.2
Gnu Gnutls 3.0.12
Gnu Gnutls 2.0.0
Gnu Gnutls 1.5.0
Gnu Gnutls 1.2.8
Gnu Gnutls 2.8.3
Gnu Gnutls 1.1.14
Gnu Gnutls 2.3.4
Gnu Gnutls 1.7.3
Gnu Gnutls 3.0.3
Gnu Gnutls 2.12.2
Gnu Gnutls 2.7.4
Gnu Gnutls 3.0.9
Gnu Gnutls 1.4.1
Gnu Gnutls 1.4.3
Gnu Gnutls 2.6.1
Gnu Gnutls 1.2.11
Gnu Gnutls 3.0.6
Gnu Gnutls 1.1.21
Gnu Gnutls 1.7.5
1 EDB exploit
NA
CVE-2012-0390
The DTLS implementation in GnuTLS 3.0.10 and previous versions executes certain error-handling code only if there is a specific relationship between a padding length and the ciphertext size, which makes it easier for remote malicious users to recover partial plaintext via a timin...
Gnu Gnutls 2.10.2
Gnu Gnutls 2.8.3
Gnu Gnutls 3.0.3
Gnu Gnutls 2.12.2
Gnu Gnutls 3.0.9
Gnu Gnutls 2.6.1
Gnu Gnutls 3.0.6
Gnu Gnutls 2.2.4
Gnu Gnutls 3.0.8
Gnu Gnutls 2.12.7
Gnu Gnutls 2.12.5
Gnu Gnutls 2.2.5
Gnu Gnutls 2.8.5
Gnu Gnutls 2.10.5-x86
Gnu Gnutls 2.10.4
Gnu Gnutls 2.6.0
Gnu Gnutls 2.8.0
Gnu Gnutls 2.12.14
Gnu Gnutls 2.12.8
Gnu Gnutls 3.0.0
Gnu Gnutls 2.4.3
Gnu Gnutls 2.6.2
NA
CVE-2009-2730
libgnutls in GnuTLS prior to 2.8.2 does not properly handle a '\0' character in a domain name in the subject's (1) Common Name (CN) or (2) Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle malicious users to spoof arbitrar...
Gnu Gnutls 2.3.5
Gnu Gnutls 1.6.0
Gnu Gnutls 2.0.0
Gnu Gnutls 1.5.0
Gnu Gnutls 1.2.8
Gnu Gnutls 1.1.14
Gnu Gnutls 2.3.4
Gnu Gnutls 1.7.3
Gnu Gnutls 1.4.1
Gnu Gnutls 1.4.3
Gnu Gnutls 2.6.1
Gnu Gnutls 1.2.11
Gnu Gnutls 1.1.21
Gnu Gnutls 1.7.5
Gnu Gnutls 1.7.11
Gnu Gnutls 1.0.20
Gnu Gnutls 1.2.5
Gnu Gnutls 2.2.4
Gnu Gnutls 1.0.17
Gnu Gnutls 1.2.4
Gnu Gnutls 1.3.1
Gnu Gnutls 1.0.24
NA
CVE-2009-2409
The Network Security Services (NSS) library prior to 3.12.3, as used in Firefox; GnuTLS prior to 2.6.4 and 2.7.4; OpenSSL 0.9.8 up to and including 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote malicious users to spoof certificates by us...
Mozilla Firefox
Mozilla Nss
Mozilla Nss 3.0
Mozilla Nss 3.2
Mozilla Nss 3.2.1
Mozilla Nss 3.3
Mozilla Nss 3.3.1
Mozilla Nss 3.3.2
Mozilla Nss 3.4
Mozilla Nss 3.4.1
Mozilla Nss 3.4.2
Mozilla Nss 3.4.3
Mozilla Nss 3.5
Mozilla Nss 3.6
Mozilla Nss 3.6.1
Mozilla Nss 3.7
Mozilla Nss 3.7.1
Mozilla Nss 3.7.2
Mozilla Nss 3.7.3
Mozilla Nss 3.7.5
Mozilla Nss 3.7.7
Mozilla Nss 3.8
NA
CVE-2009-1416
lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 up to and including 2.6.5 generates RSA keys stored in DSA structures, instead of the intended DSA keys, which might allow remote malicious users to spoof signatures on certificates or have unspecified other impact by leveraging an inv...
Gnu Gnutls 2.6.1
Gnu Gnutls 2.6.0
Gnu Gnutls 2.5.0
Gnu Gnutls 2.6.2
Gnu Gnutls 2.6.3
Gnu Gnutls 2.6.5
Gnu Gnutls 2.6.4
1 EDB exploit
NA
CVE-2009-1417
gnutls-cli in GnuTLS prior to 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote malicious users to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls...
Gnu Gnutls 2.3.5
Gnu Gnutls 1.6.0
Gnu Gnutls 2.0.0
Gnu Gnutls 1.5.0
Gnu Gnutls 1.2.8
Gnu Gnutls 1.1.14
Gnu Gnutls 2.3.4
Gnu Gnutls 1.7.3
Gnu Gnutls 1.4.1
Gnu Gnutls 1.4.3
Gnu Gnutls 2.6.1
Gnu Gnutls 1.2.11
Gnu Gnutls 1.1.21
Gnu Gnutls 1.7.5
Gnu Gnutls 1.7.11
Gnu Gnutls 1.0.20
Gnu Gnutls 1.2.5
Gnu Gnutls 2.2.4
Gnu Gnutls 1.0.17
Gnu Gnutls 1.2.4
Gnu Gnutls 1.3.1
Gnu Gnutls 1.0.24
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started