50 matches found
[SECURITY] [DLA 4595-1] gnutls28 security update
Debian LTS Advisory DLA-4595-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin May 22, 2026 https://wiki.debian.org/LTS Package : gnutls28 Version : 3.7.1-5+deb11u10 CVE ID : CVE-2026-3833 CVE-2026-5260 CVE-2026-33845 CVE-2026-33846 CVE-2026-42009 CVE-2026-42010...
CVE-2026-42009 Gnutls: gnutls: denial of service via dtls packet reordering vulnerability
A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...
OESA-2026-2331 gnutls security update
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, and other...
CVE-2026-5264 DTLS 1.3 ACK heap buffer overflow
Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow...
PT-2026-31811
Name of the Vulnerable Software and Affected Versions: DTLS 1.3 (affected versions not specified). Description: A heap buffer overflow exists in the processing of DTLS 1.3 ACK messages. A remote attacker can potentially trigger this overflow by sending a crafted DTLS 1.3 ACK message. Recommendations: A...
CVE-2026-27459 pyOpenSSL DTLS cookie callback buffer overflow
pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user-provided callback to `set_cookie_generate_callback` returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL-provided buffer. Starting in version 26.0....
EUVD-2023-53705
Malicious code in bioql PyPI...
ABB M2M Gateway Information Disclosure in embedded OpenSSL (CVE-2013-0169)
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct...
CVE-2023-51443
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.11, when handling DTLS-SRTP for media setup, FreeSWITCH is susceptible to Denial of Service...
[SECURITY] [DSA 5596-1] asterisk security update
Debian Security Advisory DSA-5596-1 [email protected] https://www.debian.org/security/ Markus Koschany January 04, 2024 https://www.debian.org/security/faq ...
FreeSWITCH < 1.10.11 DoS Vulnerability
FreeSWITCH is prone to a denial of service (DoS) vulnerability.
CVE-2023-51443 FreeSWITCH susceptible to Denial of Service via DTLS Hello packets during call initiation
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.11, when handling DTLS-SRTP for media setup, FreeSWITCH is susceptible to Denial of Service...
Denial Of Service
asterisk:sid is vulnerable to denial of service. The vulnerability is due to a race condition in the hello handshake phase of the DTLS protocol when handling DTLS-SRTP for media setup. It allows an attacker can be done continuously, thus denying new DTLS-SRTP encrypted calls which can lead to denia...
PT-2023-1249
Name of the Vulnerable Software and Affected Versions: Oracle Java SE versions 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition versions 20.3.8, 21.3.4, 22.3.0. Description: The issue is related to an easily exploitable vulnerability in the JSSE component of Oracle Java SE and Oracle GraalV...
SUSE SLES15 Security Update : gmp, gnutls, libnettle (SUSE-SU-2020:0948-2)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2020:0948-2 advisory. - GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-0...
Cisco Firepower Threat Defense AnyConnect SSL VPN DoS (cisco-sa-vpndtls-dos-TunzLEV)
According to its self-reported version, Cisco FTD Software is affected by a vulnerability in the implementation of the Datagram TLS (DTLS) protocol that could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability ...
Cisco Adaptive Security Appliance Software AnyConnect SSL VPN DoS (cisco-sa-vpndtls-dos-TunzLEV)
According to its self-reported version, Cisco ASA Software is affected by a vulnerability in the implementation of the Datagram TLS (DTLS) protocol that could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability ...
CVE-2022-20795 Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability
A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition...
[SECURITY] Fedora 33 Update: gnutls-3.6.16-1.fc33
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and...
DDoS attacks in Q1 2021
News overview Q1 2021 saw the appearance of two new botnets. News broke in January of the FreakOut malware, which attacks Linux devices. Cybercriminals exploited several critical vulnerabilities in programs installed on victim devices, including the newly discovered CVE-2021-3007. Botnet operator...