|Max CVSS||7.5||Min CVSS||5.0||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.
|27-01-2020 - 16:18||27-01-2020 - 16:15|
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.
|30-10-2018 - 16:27||24-03-2017 - 15:59|
gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a c
|18-01-2018 - 02:29||26-03-2012 - 19:55|
Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code
|29-12-2017 - 02:29||03-06-2014 - 14:55|
lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
|28-11-2016 - 19:10||07-03-2014 - 00:10|