Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pgp vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-14360
An issue exists in NeoMutt prior to 2018-07-16. nntp_add_group in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage.
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Neomutt Neomutt
5
CVSSv2
CVE-2018-14363
An issue exists in NeoMutt prior to 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames.
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Neomutt Neomutt
NA
CVE-2023-6873
Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 121.
Mozilla Firefox
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
7.5
CVSSv2
CVE-2003-0140
Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa prior to 2.0.10, allows a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a crafted folder...
Mutt Mutt 1.3.12
Mutt Mutt 1.3.16
Mutt Mutt 1.5.3
Mutt Mutt 1.3.17
Mutt Mutt 1.3.22
Mutt Mutt 1.3.27
Mutt Mutt 1.4.0
Mutt Mutt 1.3.24
Mutt Mutt 1.3.25
5
CVSSv2
CVE-2006-3082
parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and previous versions versions, allows remote malicious users to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer over...
Gnupg Gnupg 1.4.3
Gnupg Gnupg
1 EDB exploit
9
CVSSv2
CVE-2017-16921
In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form parameters (related to PGP) and execute arbitrary shell commands with the permissions of ...
Otrs Otrs 4.0.24
Otrs Otrs 4.0.22
Otrs Otrs 4.0.15
Otrs Otrs 4.0.13
Otrs Otrs 4.0.6
Otrs Otrs 4.0.4
Otrs Otrs 5.0.23
Otrs Otrs 5.0.21
Otrs Otrs 5.0.14
Otrs Otrs 5.0.12
Otrs Otrs 5.0.5
Otrs Otrs 5.0.3
Otrs Otrs 5.0.0
Otrs Otrs 6.0.0
Otrs Otrs 4.0.20
Otrs Otrs 4.0.19
Otrs Otrs 4.0.18
Otrs Otrs 4.0.17
Otrs Otrs 4.0.16
Otrs Otrs 4.0.3
Otrs Otrs 4.0.2
Otrs Otrs 4.0.1
1 EDB exploit
4.6
CVSSv2
CVE-2006-0455
gpgv in GnuPG prior to 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded....
Gnu Privacy Guard 1.4.2
Gnu Privacy Guard 1.4
Gnu Privacy Guard 1.4.1
Gnu Privacy Guard 1.0.3
Gnu Privacy Guard 1.2.1
Gnu Privacy Guard 1.0.7
Gnu Privacy Guard 1.0.5
Gnu Privacy Guard 1.0.6
Gnu Privacy Guard 1.3.3
Gnu Privacy Guard 1.2.2
Gnu Privacy Guard 1.0
Gnu Privacy Guard 1.0.2
Gnu Privacy Guard 1.2.3
Gnu Privacy Guard 1.2.6
Gnu Privacy Guard 1.2.5
Gnu Privacy Guard 1.0.4
Gnu Privacy Guard 1.3.4
Gnu Privacy Guard 1.0.1
Gnu Privacy Guard 1.0.3b
Gnu Privacy Guard 1.2
Gnu Privacy Guard 1.2.7
Gnu Privacy Guard 1.2.4
1 EDB exploit
5
CVSSv2
CVE-2015-3407
Module::Signature prior to 0.74 allows remote malicious users to bypass signature verification for files via a signature file that does not list the files.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 15.04
Module-signature Project Module-signature
10
CVSSv2
CVE-2015-3408
Module::Signature prior to 0.74 allows remote malicious users to execute arbitrary shell commands via a crafted SIGNATURE file which is not properly handled when generating checksums from a signed manifest.
Module-signature Project Module-signature
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 15.04
7.2
CVSSv2
CVE-2015-3409
Untrusted search path vulnerability in Module::Signature prior to 0.75 allows local users to gain privileges via a Trojan horse module under the current working directory, as demonstrated by a Trojan horse Text::Diff module.
Module-signature Project Module-signature
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 15.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »