
7 matches found

RedHat Linux
added 2026/06/16 4:53 p.m., 11 views

gnutls: Fix use-after-free in gnutls_pkcs11_token_set_pin

A flaw was found in GnuTLS. The gnutls_pkcs11_token_set_pin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...

CVSS 6.6 | AI score 5.3 | EPSS 0.00141
Exploits: 0 | References: 6
NVD
added 2026/06/16 2:16 a.m., 9 views

CVE-2026-42014

A flaw was found in GnuTLS. The gnutls_pkcs11_token_set_pin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...

CVSS 6.6 | EPSS 0.00141
Exploits: 0 | References: 9
CVE
added 2026/06/16 12:49 a.m., 16 views

CVE-2026-42014

GnuTLS vulnerability CVE-2026-42014 fixes a use-after-free in gnutls_pkcs11_token_set_pin when changing the Security Officer PIN with a NULL old PIN on tokens lacking a protected authentication path. The connected advisories (SUSE SUSE-SU-2026:2115-1, OSV entries, and Red Hat Oracle/Rocky advisor...

CVSS 6.6 | AI score 5.2 | EPSS 0.00141
Exploits: 0 | References: 9
SUSE Linux
added 2026/05/29 3:27 p.m., 10 views

Security update for gnutls

This update for gnutls fixes the following issues: CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. CVE-2026-5260: lib/pkcs11_privkey: guard against overreading on short ciphertexts bsc1263715. CVE-2026-5419: gnutls_cipher_decrypt3: make PKCS7 unpadding branch...

CVSS 8.8 | AI score 5.8 | EPSS 0.01078
Exploits: 1 | References: 48
OSV
added 2026/05/29 3:27 p.m., 3 views

SUSE-SU-2026:2115-1 Security update for gnutls

This update for gnutls fixes the following issues: - CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. - CVE-2026-5260: lib/pkcs11_privkey: guard against overreading on short ciphertexts bsc1263715. - CVE-2026-5419: gnutls_cipher_decrypt3: make PKCS7 unpadding...

CVSS 9.8 | AI score 5.8 | EPSS 0.01078
Exploits: 1 | References: 25
Tenable Nessus
added 2026/05/26 12:0 a.m., 17 views

Amazon Linux 2023 : gnutls, gnutls-c++, gnutls-dane (ALAS2023-2026-1757)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1757 advisory. GnuTLS didn't check that DTLS fragments claimed a consistent messagelength value. Additionally, a crucial array size check was missing, enabling an attacker to cause a heap overwrite...

CVSS 9.8 | AI score 5.8 | EPSS 0.01078
Exploits: 1 | References: 16
Snyk
added 2026/04/29 12:0 a.m., 6 views

Use After Free

Overview: Affected versions of this package are vulnerable to Use After Free in the gnutls_pkcs11_token_set_pin function. An attacker can execute arbitrary code or cause a denial of service by triggering a use-after-free condition. Remediation: A fix was pushed into the master branch but not yet...

CVSS 8.5 | AI score 6.2 | EPSS 0.00141
Exploits: 0 | References: 2