GNU : Security Vulnerabilities, CVEs, (Bypass) CVSS score >= 9
The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack.
Max CVSS
9.8
EPSS Score
1.05%
Published
2017-01-12
Updated
2017-01-18
The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 continues to process Client Hello messages within a TLS message after one has already been processed, which allows remote attackers to cause a denial of service (NULL dereference and crash) via a TLS message containing multiple Client Hello messages, aka GNUTLS-SA-2008-1-2.
Max CVSS
9.3
EPSS Score
5.13%
Published
2008-05-21
Updated
2018-10-11
2 vulnerabilities found