Lucene search
K

311 matches found

OSV
OSV
added 2025/07/10 8:15 a.m.15 views

AZL-65088 CVE-2025-32989 affecting package gnutls for versions less than 3.7.11-4

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

5.3CVSS6.8AI score0.01179EPSS
Exploits0References1
OSV
OSV
added 2025/07/10 8:15 a.m.5 views

ALPINE-CVE-2025-32989

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

5.3CVSS6.3AI score0.01179EPSS
Exploits0References1
OSV
OSV
added 2025/07/10 8:15 a.m.6 views

CVE-2025-32989

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

5.3CVSS5.5AI score0.01179EPSS
Exploits0References10
OSV
OSV
added 2025/07/10 8:15 a.m.2 views

DEBIAN-CVE-2025-32989

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

5.3CVSS6.8AI score0.01179EPSS
Exploits0References1
OSV
OSV
added 2025/07/10 8:15 a.m.7 views

AZL-65103 CVE-2025-32989 affecting package gnutls for versions less than 3.8.3-6

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

5.3CVSS6.8AI score0.01179EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/10 8:5 a.m.35 views

CVE-2025-32989 Gnutls: vulnerability in gnutls sct extension parsing

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

5.3CVSS0.01179EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2025/07/10 8:5 a.m.3 views

CVE-2025-32989 Gnutls: vulnerability in gnutls sct extension parsing

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

5.3CVSS6.5AI score0.01179EPSS
Exploits0References11
CVE
CVE
added 2025/07/10 8:5 a.m.85 views

CVE-2025-32989

CVE-2025-32989 : A heap-buffer-overread in GnuTLS occurs during X.509 certificate parsing of the CT SCT extension (OID 1.3.6.1.4.1.11129.2.4.2). A malformed SCT can lead to exposure of confidential data when certificates are validated for certain sites and SCT checks are not performed correctly. ...

5.3CVSS6.4AI score0.01179EPSS
Exploits0References13Affected Software1
RedhatCVE
RedhatCVE
added 2025/07/10 8:4 a.m.5 views

CVE-2025-32989

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

5.3CVSS6.6AI score0.01179EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/07/10 12:0 a.m.6 views

PT-2025-29041

Name of the Vulnerable Software and Affected Versions GnuTLS affected versions not specified gnutls28 versions prior to 3.7.9-2+deb12u5 gnutls30 versions prior to 3.8.10-alt1 Description GnuTLS is a library that implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. A...

8.2CVSS6.9AI score0.01185EPSS
Exploits0References97
RedHat Linux
RedHat Linux
added 2025/07/08 12:35 p.m.7 views

jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)

A flaw was found in jq, a command line JSON processor. A specially crafted input can cause a heap-based buffer over-read when formatting an empty string because it was not properly null-terminated, causing a crash and resulting in a denial of service...

8.7CVSS7.3AI score0.00446EPSS
Exploits1References5
OSV
OSV
added 2025/06/09 8:15 p.m.3 views

DEBIAN-CVE-2025-5915

A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber LZSS window. This means the library may attempt to read beyond the allocated memory buffer, which can...

6.6CVSS6.4AI score0.00163EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/06/09 7:49 p.m.3 views

CVE-2025-5915

A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber LZSS window. This means the library may attempt to read beyond the allocated memory buffer, which can...

6.6CVSS6.6AI score0.00163EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/06/04 3:34 a.m.3 views

libsoup: Heap buffer over-read in `skip_insignificant_space` when sniffing content

A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skipinsightwhitespace function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server...

7CVSS7.4AI score0.00786EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/05/29 6:42 a.m.5 views

libsoup: Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space()

A flaw was found in libsoup. A vulnerability in snifffeedorhtml and skipinsignificantspace functions may lead to a heap buffer over-read...

6.5CVSS7.4AI score0.00613EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/13 2:1 p.m.5 views

libsoup: Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space()

A flaw was found in libsoup. A vulnerability in snifffeedorhtml and skipinsignificantspace functions may lead to a heap buffer over-read...

6.5CVSS7.4AI score0.00613EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/06 4:48 p.m.6 views

libsoup: Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space()

A flaw was found in libsoup. A vulnerability in snifffeedorhtml and skipinsignificantspace functions may lead to a heap buffer over-read...

6.5CVSS7.4AI score0.00613EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2025/05/06 7:0 a.m.2 views

Libsoup: heap buffer over-read in `skip_insignificant_space` when sniffing content

...

7CVSS7.3AI score0.00786EPSS
Exploits1
CNNVD
CNNVD
added 2025/04/09 12:0 a.m.16 views

GraphicsMagick 安全漏洞

GraphicsMagick is GraphicsMagick open source set of simple image processing tools. It provides resizing, rotation, highlighting, and more. A security vulnerability exists in GraphicsMagick versions prior to 8e56520, which stems from a heap buffer over-read...

4CVSS4.8AI score0.00339EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2025/04/03 2:15 p.m.3 views

CVE-2025-32052

A flaw was found in libsoup. A vulnerability in the sniffunknown function may lead to heap buffer over-read...

6.5CVSS7AI score0.00618EPSS
Exploits0References10
Rows per page
Query Builder