CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2025/11/13 12:0 a.m.•2 views

Siemens SIMATIC S7-1500 Uncaught Exception (CVE-2024-28835)

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the certtool --verify-chain command. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

5CVSS6.6AI score0.00043EPSS

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-25921

Malicious code in bioql PyPI...

5CVSS6.3AI score0.00043EPSS

Exploits0References6

OSV•added 2024/10/18 11:9 a.m.•1 views

OESA-2024-2263 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...

5CVSS6.8AI score0.00043EPSS

F5 Networks•added 2024/09/12 4:5 p.m.•22 views

K000141041: GnuTLS vulnerabilities CVE-2024-28834 and CVE-2024-28835

Security Advisory Description CVE-2024-28834 A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLSPRIVKEYFLAGREPRODUCIBLE flag...

5.3CVSS6.7AI score0.02116EPSS

Exploits0Affected Software1

OpenVAS•added 2024/09/03 12:0 a.m.•12 views

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-2306)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.2AI score0.00043EPSS

Tenable Nessus•added 2024/09/03 12:0 a.m.•19 views

EulerOS Virtualization 2.12.1 : gnutls (EulerOS-SA-2024-2306)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem...

5CVSS6.3AI score0.00043EPSS

OpenVAS•added 2024/08/20 12:0 a.m.•12 views

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-2167)

5.3CVSS6.3AI score0.02116EPSS

Tenable Nessus•added 2024/08/20 12:0 a.m.•19 views

EulerOS 2.0 SP12 : gnutls (EulerOS-SA-2024-2237)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the...

5CVSS6.3AI score0.00043EPSS

Tenable Nessus•added 2024/06/25 12:0 a.m.•27 views

EulerOS 2.0 SP11 : gnutls (EulerOS-SA-2024-1813)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leadi...

5.3CVSS6.3AI score0.02116EPSS

Tenable Nessus•added 2024/06/25 12:0 a.m.•18 views

EulerOS 2.0 SP11 : gnutls (EulerOS-SA-2024-1834)

5.3CVSS6.3AI score0.02116EPSS

RedHat Linux•added 2024/04/30 1:43 p.m.•3 views

gnutls: potential crash during chain building/verification

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command...

5CVSS7.2AI score0.00043EPSS

Exploits0References5

Tenable Nessus•added 2024/04/29 12:0 a.m.•25 views

Fedora 40 : gnutls (2024-f69ecb0511)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-f69ecb0511 advisory. Rebase gnutls to version 3.8.5 ---- Rebase gnutls to version 3.8.4 - contains fixes for CVE-2024-28834 and CVE-2024-28835 ---- Automatic update for...

5.3CVSS6.5AI score0.02116EPSS

Tenable Nessus•added 2024/04/29 12:0 a.m.•26 views

Amazon Linux 2023 : gnutls, gnutls-c++, gnutls-dane (ALAS2023-2024-591)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-591 advisory. A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios...

5.3CVSS6.2AI score0.02116EPSS

Exploits0References6

OSV•added 2024/04/26 11:7 a.m.•1 views

OESA-2024-1506 gnutls security update

OSV•added 2024/04/26 11:7 a.m.•1 views

OESA-2024-1507 gnutls security update

OSV•added 2024/04/26 11:7 a.m.•1 views

OESA-2024-1508 gnutls security update

OSV•added 2024/04/19 11:7 a.m.•1 views

OESA-2024-1470 gnutls security update

OSV•added 2024/04/15 4:37 p.m.•1 views

USN-6733-1 gnutls28 vulnerabilities

It was discovered that GnuTLS had a timing side-channel when performing certain ECDSA operations. A remote attacker could possibly use this issue to recover sensitive information. CVE-2024-28834 It was discovered that GnuTLS incorrectly handled verifying certain PEM bundles. A remote attacker cou...

5.3CVSS6.7AI score0.02116EPSS

Tenable Nessus•added 2024/04/15 12:0 a.m.•30 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : GnuTLS vulnerabilities (USN-6733-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6733-1 advisory. It was discovered that GnuTLS had a timing side-channel when performing certain ECDSA operations. A remote attacker could possibly us...

5.3CVSS6.5AI score0.02116EPSS