Lucene search
K

17 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/16 10:39 p.m.9 views

Security Bulletin: Multiple security vulnerabilities in RedHat UBI affect IBM Robotic Process Automation for Cloud Pak

Summary Multiple vulnerabilities in RedHat UBI affect IBM Robotic Process Automation for Cloud Pak. RedHat UBI is used as base imaged for IBM Robotic Process Automation for Cloud Pak images. This bulletin identifies the fixes required to address the vulnerabilites. Vulnerability Details...

8.2CVSS6.4AI score0.01185EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/03/29 6:59 p.m.3 views

ROOT-OS-ALPINE-322-CVE-2025-32989 CVE-2025-32989 in rootio-gnutls - Patched by Root

Root has patched CVE-2025-32989 in the rootio-gnutls package for Root:Alpine:3.22. Multiple fixed versions available...

5.3CVSS6.5AI score0.01179EPSS
Exploits0
Circl
Circl
added 2026/01/21 9:18 p.m.6 views

CVE-2025-32989

creationtimestamp| type| source ---|---|--- 2026-01-21 21:18:16+00:00| seen| https://vulnerability.circl.lu/bundle/bbcbc485-b88d-4831-b8e9-6e37e7bd9875 2026-03-10 17:00:08+00:00| seen| https://t.me/truesecator/7979 2026-06-30 01:42:23+00:00| seen|...

5.3CVSS7AI score0.01179EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/04 8:57 p.m.8 views

Security Bulletin: Vulnerabilities in gnutls affect IBM SAN Volume Controller, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in gnutls affect IBM Storage Virtualize products and could cause denial of service, confidentiality and integrity impacts. CVE-2025-32988 CVE-2025-32989. Vulnerability Details CVEID:CVE-2025-32988 DESCRIPTION: A flaw was found in GnuTLS. A double-free vulnerability exists ...

8.2CVSS6.5AI score0.01185EPSS
Exploits0Affected Software8
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.7 views

Siemens SIMATIC S7-1500 Improper Certificate Validation (CVE-2025-32989)

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

5.3CVSS6.3AI score0.01179EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/09 12:0 a.m.3 views

AlmaLinux 10 : gnutls (ALSA-2025:16115)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:16115 advisory. gnutls: Vulnerability in GnuTLS certtool template parsing CVE-2025-32990 gnutls: Vulnerability in GnuTLS SCT extension parsing CVE-2025-32989 gnutls:...

8.2CVSS6.7AI score0.01185EPSS
Exploits0References6
Oracle linux
Oracle linux
added 2025/09/18 12:0 a.m.9 views

gnutls security, bug fix, and enhancement update

3.8.3-6.2 - keyupdate: rework the rekeying logic RHEL-107498 3.8.3-6.1 - Fix CVE-2025-32988, CVE-2025-32989, CVE-2025-32990, and CVE-2025-6395...

8.2CVSS6.7AI score0.01185EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/08/04 12:0 a.m.6 views

SUSE: Security Advisory (SUSE-SU-2025:02589-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS6.6AI score0.01185EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/08/02 12:0 a.m.5 views

SUSE SLED15: gnutls / libgnutls-devel / libgnutls-devel-32bit / libgnutls30 / etc (SUSE-SU-2025:02595-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02595-1 advisory. - CVE-2025-6395: Fix NULL pointer dereference when 2nd Client Hello omits PSK bsc1246299 -...

8.2CVSS7.3AI score0.01185EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2025/08/02 12:0 a.m.2 views

SUSE SLES15: gnutls / gnutls-guile / libgnutls-devel / libgnutls30 / etc (SUSE-SU-2025:02589-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02589-1 advisory. - CVE-2025-6395: Fix NULL pointer dereference when 2nd Client Hello omits PSK bsc1246299 - CVE-2025-32988: Fix double-free due to...

8.2CVSS7.3AI score0.01185EPSS
Exploits0References13
CBLMariner
CBLMariner
added 2025/07/25 3:8 p.m.3 views

CVE-2025-32989 affecting package gnutls for versions less than 3.7.11-4

CVE-2025-32989 affecting package gnutls for versions less than 3.7.11-4. A patched version of the package is available...

5.3CVSS7.3AI score0.01179EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/07/25 12:0 a.m.5 views

Azure Linux 3.0 Security Update: gnutls (CVE-2025-32989)

The version of gnutls installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32989 advisory. - A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT...

5.3CVSS6.4AI score0.01179EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/07/15 9:12 p.m.6 views

CVE-2025-32989 affecting package gnutls for versions less than 3.8.3-5

CVE-2025-32989 affecting package gnutls for versions less than 3.8.3-5. A patched version of the package is available...

5.3CVSS7.3AI score0.01179EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/07/11 12:0 a.m.5 views

Slackware: Security Advisory (SSA:2025-191-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS6.6AI score0.01185EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/07/10 8:15 a.m.4 views

CVE-2025-32989

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

5.3CVSS6.9AI score0.01179EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/07/10 8:5 a.m.4 views

CVE-2025-32989

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

5.3CVSS6.8AI score0.01179EPSS
Exploits0
FreeBSD
FreeBSD
added 2025/07/09 12:0 a.m.10 views

GnuTLS -- multiple vulnerabilities

Daiki Ueno reports: libgnutls: Fix heap read buffer overrun in parsing X.509 SCTS timestamps Spotted by oss-fuzz and reported by OpenAI Security Research Team, and fix developed by Andrew Hamilton. GNUTLS-SA-2025-07-07-1, CVSS: medium CVE-2025-32989 libgnutls: Fix double-free upon error when...

8.2CVSS6.6AI score0.01185EPSS
Exploits0References1
Rows per page
Query Builder