Lucene search
K

23 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 4 : gnutls-2.8.5-18.AXS4 (AXSA:2015-329:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-329:01 advisory. GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library...

7.5CVSS7.3AI score0.01586EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2015:0675-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.29958EPSS
Exploits3References12
Veracode
Veracode
added 2019/05/02 5:41 a.m.28 views

Improper Signature Validation

The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security TLS. It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as...

7.5CVSS7.4AI score0.01586EPSS
Exploits0References13Affected Software1
Veracode
Veracode
added 2019/05/02 5:41 a.m.38 views

Improper Signature Validation

The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security TLS. It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as...

7.5CVSS7.4AI score0.01586EPSS
Exploits0References6Affected Software1
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.36 views

Oracle: Security Advisory (ELSA-2015-1457)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.01586EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/09/30 12:0 a.m.27 views

F5 BIG-IP - GnuTLS RSA PKCS signature vulnerability CVE-2015-0282

The remote host is missing a security patch. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/h:f5:big-ip"; if description...

5CVSS7.3AI score0.01407EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/09/29 12:0 a.m.26 views

F5 Networks BIG-IP : GnuTLS RSA PKCS signature vulnerability (K17327)

GnuTLS before 3.1.0 does not verify that the RSA PKCS 1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors. CVE-2015-0282 C Tenable Network Security, Inc. The descriptive text and package check...

5CVSS7.3AI score0.01407EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/08/05 12:0 a.m.31 views

Amazon Linux AMI : gnutls (ALAS-2015-575)

It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as valid when its issuing CA is already expired. CVE-2014-8155 It was found that GnuTLS did not verify whether a hashing...

7.5CVSS7.2AI score0.01586EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/08/04 12:0 a.m.47 views

Scientific Linux Security Update : gnutls on SL6.x i386/x86_64 (20150722)

It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as valid when its issuing CA is already expired. CVE-2014-8155 It was found that GnuTLS did not verify whether a hashing...

7.5CVSS7.1AI score0.01586EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/07/31 12:0 a.m.29 views

OracleVM 3.3 : gnutls (OVMSA-2015-0101)

The remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2015-0282 1198159 - fix CVE-2015-0294 1198159 - Corrected value initialization in mpi printing 1129241 - Check for expiry information in the CA certificates 1159778 - fix issue with integer...

7.5CVSS7.2AI score0.29958EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2015/07/30 12:0 a.m.26 views

Oracle Linux 6 : gnutls (ELSA-2015-1457)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1457 advisory. - fix CVE-2015-0282 1198159 - fix CVE-2015-0294 1198159 Tenable has extracted the preceding description block directly from the Oracle Linux security...

7.5CVSS7.4AI score0.01586EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2015/07/28 12:0 a.m.34 views

gnutls security and bug fix update

2.8.5-18 - fix CVE-2015-0282 1198159 - fix CVE-2015-0294 1198159 2.8.5-17 - Corrected value initialization in mpi printing 1129241 2.8.5-16 - Check for expiry information in the CA certificates 1159778 2.8.5-15 - fix issue with integer padding in certificates and keys 1036385...

5CVSS2.8AI score0.01586EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/07/23 12:0 a.m.29 views

RedHat Update for gnutls RHSA-2015:1457-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.01586EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/04/08 12:0 a.m.23 views

SuSE 11.3 Security Update : GnuTLS (SAT Patch Number 10536)

GnuTLS was updated to fix two security issues : - A certificate algorithm consistency checking issue was fixed, where GnuTLS did not check whether the two signature algorithms match on certificate import. This problem is not deemed to be exploitable currently. CVE-2015-0294 - GNUTLS-SA-2015-1:...

7.5CVSS7.1AI score0.01586EPSS
Exploits0References8
Debian
Debian
added 2015/03/25 7:50 a.m.27 views

[SECURITY] [DLA 180-1] gnutls26 security update

Package : gnutls26 Version : 2.8.6-1+squeeze5 CVE ID : CVE-2014-8155 CVE-2015-0282 CVE-2015-0294 Multiple vulnerabilities have been discovered in GnuTLS, a library implementing the TLS and SSL protocols. The Common Vulnerabilities and Exposures project identifies the following problems:...

7.5CVSS7.1AI score0.01586EPSS
Exploits0
CVE
CVE
added 2015/03/24 5:0 p.m.108 views

CVE-2015-0282

GnuTLS before 3.1.0 does not verify that the RSA PKCS#1 signature algorithm matches the signature algorithm in the certificate, enabling remote downgrade attacks via unspecified vectors. Impact is downgrade/traffic manipulation risk with affected deployments. The CVE entry explicitly targets GnuTLS...

5CVSS7.1AI score0.01407EPSS
Exploits0References5Affected Software1
OpenVAS
OpenVAS
added 2015/03/24 12:0 a.m.39 views

Ubuntu: Security Advisory (USN-2540-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.01586EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2015/03/23 7:13 p.m.55 views

USN-2540-1: GnuTLS vulnerabilities

It was discovered that GnuTLS did not perform date and time checks on CA certificates, contrary to expectations. This issue only affected Ubuntu 10.04 LTS. CVE-2014-8155 Nikos Mavrogiannopoulos discovered that GnuTLS incorrectly verified that signature algorithms matched. A remote attacker could...

7.5CVSS7.3AI score0.01586EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/03/17 12:0 a.m.34 views

Debian DSA-3191-1 : gnutls26 - security update

Multiple vulnerabilities have been discovered in GnuTLS, a library implementing the TLS and SSL protocols. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-0282 GnuTLS does not verify the RSA PKCS 1 signature algorithm to match the signature algorith...

7.5CVSS7.1AI score0.01586EPSS
Exploits0References6
Debian
Debian
added 2015/03/15 9:42 p.m.25 views

[SECURITY] [DSA 3191-1] gnutls26 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3191-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 15, 2015 http://www.debian.org/security/faq -...

5CVSS2AI score0.01586EPSS
Exploits0
Rows per page
Query Builder