Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 4 : gnutls-2.8.5-18.AXS4 (AXSA:2015-329:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-329:01 advisory. GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library...

7.5CVSS7.3AI score0.01586EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2014-8155

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a...

4.3CVSS7.2AI score0.01046EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.35 views

K53330207: GnuTLS vulnerability CVE-2014-8155

Security Advisory Description GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is 1 not yet valid or 2 no longer valid. CVE-2014-8155 Impact GnuT...

4.3CVSS7.4AI score0.01046EPSS
Exploits0Affected Software13
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2015:0675-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.29958EPSS
Exploits3References12
Veracode
Veracode
added 2019/05/02 5:41 a.m.28 views

Improper Signature Validation

The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security TLS. It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as...

7.5CVSS7.4AI score0.01586EPSS
Exploits0References13Affected Software1
Veracode
Veracode
added 2019/05/02 5:41 a.m.39 views

Improper Signature Validation

The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security TLS. It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as...

7.5CVSS7.4AI score0.01586EPSS
Exploits0References6Affected Software1
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.36 views

Oracle: Security Advisory (ELSA-2015-1457)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.01586EPSS
Exploits0References2
CVE
CVE
added 2015/08/14 6:0 p.m.110 views

CVE-2014-8155

GnuTLS before 2.9.10 does not verify CA certificate activation/expiration dates, enabling MITM via certificates not yet valid or no longer valid. Affected: GnuTLS library (pre-2.9.10). Mitigation: upgrade to 2.9.10 or later where the issue is fixed (per advisory references). If exploiting details...

4.3CVSS7.1AI score0.01046EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/08/05 12:0 a.m.31 views

Amazon Linux AMI : gnutls (ALAS-2015-575)

It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as valid when its issuing CA is already expired. CVE-2014-8155 It was found that GnuTLS did not verify whether a hashing...

7.5CVSS7.2AI score0.01586EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/08/04 12:0 a.m.47 views

Scientific Linux Security Update : gnutls on SL6.x i386/x86_64 (20150722)

It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as valid when its issuing CA is already expired. CVE-2014-8155 It was found that GnuTLS did not verify whether a hashing...

7.5CVSS7.1AI score0.01586EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/07/30 12:0 a.m.26 views

Oracle Linux 6 : gnutls (ELSA-2015-1457)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1457 advisory. - fix CVE-2015-0282 1198159 - fix CVE-2015-0294 1198159 Tenable has extracted the preceding description block directly from the Oracle Linux security...

7.5CVSS7.4AI score0.01586EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2015/07/23 12:0 a.m.29 views

RedHat Update for gnutls RHSA-2015:1457-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.01586EPSS
Exploits0References2
Debian
Debian
added 2015/03/25 7:50 a.m.27 views

[SECURITY] [DLA 180-1] gnutls26 security update

Package : gnutls26 Version : 2.8.6-1+squeeze5 CVE ID : CVE-2014-8155 CVE-2015-0282 CVE-2015-0294 Multiple vulnerabilities have been discovered in GnuTLS, a library implementing the TLS and SSL protocols. The Common Vulnerabilities and Exposures project identifies the following problems:...

7.5CVSS7.1AI score0.01586EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/03/24 12:0 a.m.40 views

Ubuntu: Security Advisory (USN-2540-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.01586EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2015/03/23 7:13 p.m.55 views

USN-2540-1: GnuTLS vulnerabilities

It was discovered that GnuTLS did not perform date and time checks on CA certificates, contrary to expectations. This issue only affected Ubuntu 10.04 LTS. CVE-2014-8155 Nikos Mavrogiannopoulos discovered that GnuTLS incorrectly verified that signature algorithms matched. A remote attacker could...

7.5CVSS7.3AI score0.01586EPSS
Exploits0
Rows per page
Query Builder