Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2006-0645 | 7.5 |
Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by inva
|
19-10-2018 - 15:45 | 10-02-2006 - 18:06 | |
CVE-2008-1950 | 5.0 |
Integer signedness error in the _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in libgnutls in GnuTLS before 2.2.4 allows remote attackers to cause a denial of service (buffer over-read and crash) via a certain integer value in the Ran
|
11-10-2018 - 20:38 | 21-05-2008 - 13:24 | |
CVE-2009-2730 | 7.5 |
libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' character in a domain name in the subject's (1) Common Name (CN) or (2) Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof a
|
10-10-2018 - 19:42 | 12-08-2009 - 10:30 | |
CVE-2006-4790 | 5.0 |
verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3, does not properly handle excess data in the digestAlgorithm.parameters field when generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signe
|
11-10-2017 - 01:31 | 14-09-2006 - 19:07 | |
CVE-2010-0731 | 7.5 |
The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to byp
|
19-09-2017 - 01:30 | 26-03-2010 - 18:30 |