8 matches found

Tenable Nessus
added 2022/02/09 12:0 a.m. | 40 views

AlmaLinux 8 : gnutls (ALSA-2020:5483)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2020:5483 advisory. - An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a norenegotiation alert is sent with...

CVSS 7.5 | AI score 7.5 | EPSS 0.03633
Exploits: 1 | References: 2

Oracle Linux
added 2020/12/21 12:0 a.m. | 34 views

gnutls security and bug fix update

3.6.14-7 - Increase DH key bits to = 2048 in self-tests 1879506 - Implement self-tests for KDF and CMAC 1890870 - Fix CVE-2020-24659: heap buffer-overflow when 'norenegotiation' alert is received 1873959...

CVSS 7.5 | AI score 0.8 | EPSS 0.03633
Exploits: 1

Tenable Nessus
added 2020/12/09 12:0 a.m. | 32 views

SUSE SLED15 / SLES15 Security Update : gnutls (SUSE-SU-2020:2988-1)

This update for gnutls fixes the following issues : Fix heap buffer overflow in handshake with norenegotiation alert sent CVE-2020-24659 bsc1176181 FIPS: Implement ECDH requirements from SP800-56Arev3 bsc1176086 FIPS: Use 2048 bit prime in DH selftest bsc1176086 FIPS: Add TLS KDF selftest...

CVSS 7.5 | AI score 7.7 | EPSS 0.03633
Exploits: 1 | References: 6

Tenable Nessus
added 2020/11/02 12:0 a.m. | 33 views

EulerOS 2.0 SP8 : gnutls (EulerOS-SA-2020-2310)

According to the version of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a norenegotiation alert is...

CVSS 7.5 | AI score 7.5 | EPSS 0.03633
Exploits: 1 | References: 2

Gentoo Linux
added 2020/09/06 12:0 a.m. | 65 views

GnuTLS: Denial of service

Background GnuTLS is an Open Source implementation of the TLS and SSL protocols. Description It was found that GnuTLS didn’t handle “norenegotiation” alert properly. Impact A remote attacker could entice a user to connect to a malicious TLS endpoint using an application linked against GnuTLS,...

CVSS 7.5 | AI score 7.8 | EPSS 0.03633
Exploits: 1

RedhatCVE
added 2020/09/04 3:19 p.m. | 26 views

CVE-2020-24659

A flaw was found in GnuTLS, where the server can trigger the client to run into heap buffer overflow if a norenegotiation alert is sent in an unexpected timing. This flaw allows the client to crash at the session deinitialization timing. The highest threat from this vulnerability is to system...

CVSS 7.5 | AI score 7.7 | EPSS 0.03633
Exploits: 1 | References: 4

NVD
added 2020/09/04 3:15 p.m. | 15 views

CVE-2020-24659

An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a norenegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the...

CVSS 7.5 | AI score 7.4 | EPSS 0.03633
Exploits: 1 | References: 9

Prion
added 2020/09/04 3:15 p.m. | 26 views

Null pointer dereference

An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a norenegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the...

CVSS 5 | AI score 7.3 | EPSS 0.03633
Exploits: 1 | References: 9 | Affected Software: 4