Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: gnutls (CVE-2024-28835)

The version of gnutls installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-28835 advisory. - A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a...

5CVSS7.6AI score0.00386EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-17764

Malware in sbrugna...

7.5CVSS7.8AI score0.01956EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/12/12 9:6 a.m.10 views

CVE-2024-12401 Cert-manager: potential dos when parsing specially crafted pem inputs

A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that the cert-manager reads, for example, in a Secret resource, to use large amounts of CPU in the cert-manager controller pod to effectively create a denial-of-service DoS vector for the cert-manag...

4.4CVSS6.6AI score0.00645EPSS
Exploits0References8
OSV
OSV
added 2024/04/26 11:7 a.m.6 views

OESA-2024-1507 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...

5CVSS7.4AI score0.00386EPSS
Exploits0References2
OSV
OSV
added 2024/03/21 6:15 a.m.4 views

UBUNTU-CVE-2024-28835

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command...

5CVSS6.6AI score0.00386EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2024/03/21 12:0 a.m.34 views

CVE-2024-28835

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command...

5CVSS6.6AI score0.00386EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/03/20 12:0 a.m.4 views

PT-2024-2444

Name of the Vulnerable Software and Affected Versions GnuTLS versions prior to 3.8.3 Description A flaw in the GnuTLS library is related to shortcomings in handling exceptional states when analyzing the cert list size parameter in the gnutls x509 trust list verify crt2 function. This issue can be...

5.3CVSS6.3AI score0.00718EPSS
Exploits0References90
BDU FSTEC
BDU FSTEC
added 2023/04/26 12:0 a.m.7 views

The vulnerability of the PEMReadBioEx() function in the OpenSSL cryptographic library, which allows a hacker to trigger a denial-of-service attack

The vulnerability of the PEMReadbioex function in the OpenSSL cryptographic library is related to the repeated memory release during the processing of PEM files. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using a specially created PEM file...

7.8CVSS7AI score0.20444EPSS
Exploits0References14Affected Software23
CNNVD
CNNVD
added 2023/02/07 12:0 a.m.5 views

OpenSSL 资源管理错误漏洞

OpenSSL is an open source capable general-purpose cryptographic library from the OpenSSL team that implements the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. It supports a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...

7.5CVSS7.6AI score0.20444EPSS
Exploits0References37
OSV
OSV
added 2023/02/07 12:0 a.m.4 views

UBUNTU-CVE-2022-4450

The function PEMreadbioex reads a PEM file from a BIO and parses and decodes the "name" e.g. "CERTIFICATE", any header data and the payload data. If the function succeeds then the "nameout", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data...

7.5CVSS7AI score0.20444EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2022/05/21 12:18 a.m.30 views

CVE-2017-8821

In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, an attacker can cause a denial of service application hang via crafted PEM input that signifies a public key requiring a password, which triggers an attempt by the...

8.1CVSS4.2AI score0.01956EPSS
Exploits0References2
OSV
OSV
added 2017/12/03 7:29 a.m.10 views

CVE-2017-8821

In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, an attacker can cause a denial of service application hang via crafted PEM input that signifies a public key requiring a password, which triggers an attempt by the...

7.5CVSS7.7AI score
Exploits0References3
NVD
NVD
added 2017/12/03 7:29 a.m.17 views

CVE-2017-8821

In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, an attacker can cause a denial of service application hang via crafted PEM input that signifies a public key requiring a password, which triggers an attempt by the...

7.5CVSS7.3AI score0.01956EPSS
Exploits0References3
Rows per page
Query Builder