CVE-2025-9820 | GnuTLS up to 3.8.10 PKCS Token pkcs11_write.c gnutls_pkcs11_token_init stack-based overflow

Inserito da Angelo Barbosa | Nov 21, 2025 | CVE

A vulnerability marked as critical has been reported in GnuTLS up to 3.8.10. This affects the function gnutls_pkcs11_token_init of the file pkcs11_write.c of the component PKCS Token Handler. This manipulation causes stack-based buffer overflow.

This vulnerability appears as CVE-2025-9820. The attack may be initiated remotely. There is no available exploit.

It is suggested to upgrade the affected component.

CVE-2025-9820 | GnuTLS up to 3.8.10 PKCS Token pkcs11_write.c gnutls_pkcs11_token_init stack-based overflow

Post correlati

CVE-2025-6751 | Linksys E8450 up to 1.2.00.360516 HTTP POST Request portal.cgi set_device_language dut_language buffer overflow

CVE-2025-47211 | QNAP QTS/QuTS hero prior 5.2.6.3195 Build 20250715 path traversal (qsa-25-36)

CVE-2024-43527 | Microsoft

CVE-2024-10045 | Transients Manager Plugin up to 2.0.6 on WordPress cross-site request forgery