Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnupg gnupg 2.0.16 vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2010-2547
Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x up to and including 2.0.16 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not...
Gnupg Gnupg
Fedoraproject Fedora 13
Debian Debian Linux 5.0
NA
CVE-2014-4617
The do_uncompress function in g10/compress.c in GnuPG 1.x prior to 1.4.17 and 2.x prior to 2.0.24 allows context-dependent malicious users to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
Gnupg Gnupg 2.0.1
Gnupg Gnupg 2.0.7
Gnupg Gnupg 2.0.15
Gnupg Gnupg 2.0.8
Gnupg Gnupg 2.0.11
Gnupg Gnupg 2.0.6
Gnupg Gnupg 2.0.10
Gnupg Gnupg 2.0.13
Gnupg Gnupg 2.0
Gnupg Gnupg 2.0.5
Gnupg Gnupg 2.0.17
Gnupg Gnupg 2.0.12
Gnupg Gnupg 2.0.18
Gnupg Gnupg 2.0.16
Gnupg Gnupg 2.0.21
Gnupg Gnupg 2.0.14
Gnupg Gnupg 2.0.4
Gnupg Gnupg 2.0.3
Gnupg Gnupg 2.0.22
Gnupg Gnupg 2.0.19
Gnupg Gnupg 2.0.20
Gnupg Gnupg 2.0.23
1 Github repository
NA
CVE-2013-4351
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote malicious users to bypass intended cryptographic protection mechanisms by leveraging the subkey.
Gnupg Gnupg 1.4.8
Gnupg Gnupg 1.4.6
Gnupg Gnupg 1.4.10
Gnupg Gnupg 1.4.0
Gnupg Gnupg 1.4.12
Gnupg Gnupg 1.4.11
Gnupg Gnupg 1.4.5
Gnupg Gnupg 1.4.4
Gnupg Gnupg 1.4.3
Gnupg Gnupg 1.4.2
Gnupg Gnupg 1.4.13
Gnupg Gnupg 2.0.13
Gnupg Gnupg 2.0.14
Gnupg Gnupg 2.0.4
Gnupg Gnupg 2.0.11
Gnupg Gnupg 2.0.12
Gnupg Gnupg 2.0.19
Gnupg Gnupg 2.0.3
Gnupg Gnupg 2.0
Gnupg Gnupg 2.0.15
Gnupg Gnupg 2.0.16
Gnupg Gnupg 2.0.6
NA
CVE-2012-6085
The read_block function in g10/import.c in GnuPG 1.4.x prior to 1.4.13 and 2.0.x up to and including 2.0.19, when importing a key, allows remote malicious users to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of a...
Gnupg Gnupg 1.4.8
Gnupg Gnupg 1.4.10
Gnupg Gnupg 1.4.4
Gnupg Gnupg 1.4.0
Gnupg Gnupg 1.4.12
Gnupg Gnupg 1.4.2
Gnupg Gnupg 1.4.11
Gnupg Gnupg 1.4.3
Gnupg Gnupg 1.4.5
Gnupg Gnupg 2.0.1
Gnupg Gnupg 2.0.7
Gnupg Gnupg 2.0.15
Gnupg Gnupg 2.0.8
Gnupg Gnupg 2.0.11
Gnupg Gnupg 2.0.6
Gnupg Gnupg 2.0.10
Gnupg Gnupg 2.0.13
Gnupg Gnupg 2.0
Gnupg Gnupg 2.0.5
Gnupg Gnupg 2.0.17
Gnupg Gnupg 2.0.12
Gnupg Gnupg 2.0.18
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started