Max CVSS | 7.5 | Min CVSS | 4.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2014-3466 | 6.8 |
Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code
|
14-02-2024 - 01:17 | 03-06-2014 - 14:55 | |
CVE-2013-2116 | 5.0 |
The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service (buffer over-read and crash) via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-20
|
13-02-2023 - 00:28 | 03-07-2013 - 18:55 | |
CVE-2015-0282 | 5.0 |
GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors.
|
05-01-2018 - 02:29 | 24-03-2015 - 17:59 | |
CVE-2015-6251 | 5.0 |
Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate. <a href="http://cwe.mitre.org/data/definitions/415.html">CWE-415:
|
24-12-2016 - 02:59 | 24-08-2015 - 14:59 | |
CVE-2015-3308 | 7.5 |
Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point. <a href="http://cwe.mitre.org/data/definitio
|
22-12-2016 - 02:59 | 02-09-2015 - 14:59 | |
CVE-2014-1959 | 5.8 |
lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue n
|
28-11-2016 - 19:10 | 07-03-2014 - 00:10 | |
CVE-2013-1619 | 4.0 |
The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows rem
|
26-03-2014 - 04:46 | 08-02-2013 - 19:55 | |
CVE-2013-4466 | 5.0 |
Buffer overflow in the dane_query_tlsa function in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.15 and 3.2.x before 3.2.5 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries.
|
21-11-2013 - 17:06 | 20-11-2013 - 14:12 |