Lucene search
K

17 matches found

RedHat Linux
RedHat Linux
added 2026/06/29 3:13 p.m.3 views

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

7.5CVSS6.1AI score0.01263EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/29 10:17 a.m.6 views

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

7.5CVSS6.1AI score0.01263EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/29 2:40 a.m.5 views

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

7.5CVSS6.1AI score0.01263EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/25 6:37 p.m.5 views

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

7.5CVSS6.1AI score0.01263EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/26 7:4 a.m.10 views

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

7.5CVSS6.1AI score0.01263EPSS
Exploits0References4
OSV
OSV
added 2026/05/15 2:2 p.m.9 views

OESA-2026-2331 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...

7.5CVSS6AI score0.01263EPSS
Exploits0References2
OSV
OSV
added 2026/05/04 10:15 a.m.41 views

ALPINE-CVE-2026-33846

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

7.5CVSS6.1AI score0.01263EPSS
Exploits0References1
NVD
NVD
added 2026/05/04 10:15 a.m.22 views

CVE-2026-33846

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

7.5CVSS0.01263EPSS
Exploits0References19
Vulnrichment
Vulnrichment
added 2026/05/04 9:8 a.m.10 views

CVE-2026-33846 Gnutls: gnutls: denial of service via heap buffer overflow in dtls handshake fragment reassembly

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

7.5CVSS6.1AI score0.01263EPSS
Exploits0References18
EUVD
EUVD
added 2026/05/04 9:8 a.m.7 views

EUVD-2026-26926

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

7.5CVSS6.1AI score0.01263EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/04 9:8 a.m.6 views

CVE-2026-33846

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

7.5CVSS6AI score0.01263EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 10:11 a.m.7 views

CVE-2019-11924

A peer could send empty handshake fragments containing only padding which would be kept in memory until a full handshake was received, resulting in memory exhaustion. This issue affects versions v2019.01.28.00 and above of fizz, until v2019.08.05.00...

7.8CVSS6.9AI score0.02399EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-3582

Malware in sbrugna...

7.8CVSS7.6AI score0.02399EPSS
Exploits0References4
OSV
OSV
added 2019/08/20 8:15 p.m.26 views

CVE-2019-11924

A peer could send empty handshake fragments containing only padding which would be kept in memory until a full handshake was received, resulting in memory exhaustion. This issue affects versions v2019.01.28.00 and above of fizz, until v2019.08.05.00...

7.5CVSS6.8AI score0.02399EPSS
Exploits0References3
NVD
NVD
added 2019/08/20 8:15 p.m.28 views

CVE-2019-11924

A peer could send empty handshake fragments containing only padding which would be kept in memory until a full handshake was received, resulting in memory exhaustion. This issue affects versions v2019.01.28.00 and above of fizz, until v2019.08.05.00...

7.8CVSS7.5AI score0.02399EPSS
Exploits0References3
Prion
Prion
added 2019/08/20 8:15 p.m.21 views

Memory corruption

A peer could send empty handshake fragments containing only padding which would be kept in memory until a full handshake was received, resulting in memory exhaustion. This issue affects versions v2019.01.28.00 and above of fizz, until v2019.08.05.00...

7.8CVSS7.5AI score0.02399EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2019/08/20 7:32 p.m.66 views

CVE-2019-11924

This CVE (CVE-2019-11924) affects the fizz library and is documented in multiple feeds (NVD, Red Hat, OSV, CVE listings). Impact: a peer can send empty handshake fragments that contain only padding, which are kept in memory until a full handshake is received, causing memory exhaustion. Affected v...

7.8CVSS7.4AI score0.02399EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder