Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu privacy guard vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2015-0837
The mpi_powm function in Libgcrypt prior to 1.6.3 and GnuPG prior to 1.4.19 allows malicious users to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel ...
Gnupg Gnupg
Gnupg Libgcrypt
Debian Debian Linux 7.0
Debian Debian Linux 8.0
4.2
CVSSv3
CVE-2014-3591
Libgcrypt prior to 1.6.3 and GnuPG prior to 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate malicious users to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the ...
Gnupg Gnupg
Gnupg Libgcrypt
Debian Debian Linux 7.0
Debian Debian Linux 8.0
5.5
CVSSv3
CVE-2015-1606
The keyring DB in GnuPG prior to 2.1.2 does not properly handle invalid packets, which allows remote malicious users to cause a denial of service (invalid read and use-after-free) via a crafted keyring file.
Gnupg Gnupg
Debian Debian Linux 8.0
Debian Debian Linux 7.0
NA
CVE-2014-4617
The do_uncompress function in g10/compress.c in GnuPG 1.x prior to 1.4.17 and 2.x prior to 2.0.24 allows context-dependent malicious users to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
Gnupg Gnupg 2.0.1
Gnupg Gnupg 2.0.7
Gnupg Gnupg 2.0.15
Gnupg Gnupg 2.0.8
Gnupg Gnupg 2.0.11
Gnupg Gnupg 2.0.6
Gnupg Gnupg 2.0.10
Gnupg Gnupg 2.0.13
Gnupg Gnupg 2.0
Gnupg Gnupg 2.0.5
Gnupg Gnupg 2.0.17
Gnupg Gnupg 2.0.12
Gnupg Gnupg 2.0.18
Gnupg Gnupg 2.0.16
Gnupg Gnupg 2.0.21
Gnupg Gnupg 2.0.14
Gnupg Gnupg 2.0.4
Gnupg Gnupg 2.0.3
Gnupg Gnupg 2.0.22
Gnupg Gnupg 2.0.19
Gnupg Gnupg 2.0.20
Gnupg Gnupg 2.0.23
1 Github repository
NA
CVE-2013-4351
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote malicious users to bypass intended cryptographic protection mechanisms by leveraging the subkey.
Gnupg Gnupg 1.4.8
Gnupg Gnupg 1.4.6
Gnupg Gnupg 1.4.10
Gnupg Gnupg 1.4.0
Gnupg Gnupg 1.4.12
Gnupg Gnupg 1.4.11
Gnupg Gnupg 1.4.5
Gnupg Gnupg 1.4.4
Gnupg Gnupg 1.4.3
Gnupg Gnupg 1.4.2
Gnupg Gnupg 1.4.13
Gnupg Gnupg 2.0.13
Gnupg Gnupg 2.0.14
Gnupg Gnupg 2.0.4
Gnupg Gnupg 2.0.11
Gnupg Gnupg 2.0.12
Gnupg Gnupg 2.0.19
Gnupg Gnupg 2.0.3
Gnupg Gnupg 2.0
Gnupg Gnupg 2.0.15
Gnupg Gnupg 2.0.16
Gnupg Gnupg 2.0.6
NA
CVE-2012-6085
The read_block function in g10/import.c in GnuPG 1.4.x prior to 1.4.13 and 2.0.x up to and including 2.0.19, when importing a key, allows remote malicious users to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of a...
Gnupg Gnupg 1.4.8
Gnupg Gnupg 1.4.10
Gnupg Gnupg 1.4.4
Gnupg Gnupg 1.4.0
Gnupg Gnupg 1.4.12
Gnupg Gnupg 1.4.2
Gnupg Gnupg 1.4.11
Gnupg Gnupg 1.4.3
Gnupg Gnupg 1.4.5
Gnupg Gnupg 2.0.1
Gnupg Gnupg 2.0.7
Gnupg Gnupg 2.0.15
Gnupg Gnupg 2.0.8
Gnupg Gnupg 2.0.11
Gnupg Gnupg 2.0.6
Gnupg Gnupg 2.0.10
Gnupg Gnupg 2.0.13
Gnupg Gnupg 2.0
Gnupg Gnupg 2.0.5
Gnupg Gnupg 2.0.17
Gnupg Gnupg 2.0.12
Gnupg Gnupg 2.0.18
NA
CVE-2006-6235
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x prior to 1.4.6, 2.x prior to 2.0.2, and 1.9.0 up to and including 1.9.95 allows malicious users to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated...
Gnu Privacy Guard 1.3.4
Gnu Privacy Guard 1.4
Gnu Privacy Guard 1.4.1
Gnu Privacy Guard 1.9.10
Gnu Privacy Guard 1.9.15
Gnu Privacy Guard 1.2.7
Gnu Privacy Guard 1.3.3
Gnu Privacy Guard 1.4.4
Gnu Privacy Guard 1.4.5
Gnu Privacy Guard 1.2.4
Gnu Privacy Guard 1.4.2
Gnu Privacy Guard 1.4.2.1
Gnu Privacy Guard 1.9.20
Gnu Privacy Guard 2.0
Gnu Privacy Guard 1.2.5
Gnu Privacy Guard 1.2.6
Gnu Privacy Guard 1.4.2.2
Gnu Privacy Guard 1.4.3
Gnu Privacy Guard 2.0.1
Gpg4win Gpg4win 1.0.7
Redhat Enterprise Linux 4.0
Ubuntu Ubuntu Linux 5.10
NA
CVE-2006-3746
Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote malicious users to cause a denial of service (segmentation fault) via a crafted message.
Gnupg Gnupg 1.4.4
1 EDB exploit
NA
CVE-2006-3082
parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and previous versions versions, allows remote malicious users to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer over...
Gnupg Gnupg 1.4.3
Gnupg Gnupg
1 EDB exploit
NA
CVE-2006-0049
gpg in GnuPG prior to 1.4.2.2 does not properly verify non-detached signatures, which allows malicious users to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is ...
Gnu Privacy Guard 1.0
Gnu Privacy Guard 1.0.1
Gnu Privacy Guard 1.0.7
Gnu Privacy Guard 1.2
Gnu Privacy Guard 1.2.7
Gnu Privacy Guard 1.3.3
Gnu Privacy Guard 1.0.5
Gnu Privacy Guard 1.0.6
Gnu Privacy Guard 1.2.5
Gnu Privacy Guard 1.2.6
Gnu Privacy Guard 1.4.2.1
Gnu Privacy Guard 1.0.2
Gnu Privacy Guard 1.0.3
Gnu Privacy Guard 1.2.1
Gnu Privacy Guard 1.2.2
Gnu Privacy Guard 1.3.4
Gnu Privacy Guard 1.4
Gnu Privacy Guard 1.0.3b
Gnu Privacy Guard 1.0.4
Gnu Privacy Guard 1.2.3
Gnu Privacy Guard 1.2.4
Gnu Privacy Guard 1.4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »