Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnupg gnupg vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2006-6169
Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow malicious users to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable_string functi...
Gnupg Gnupg 2.0
Gnupg Gnupg 1.4
6.5
CVSSv2
CVE-2020-24972
The Kleopatra component prior to 3.1.12 (and prior to 20.07.80) for GnuPG allows remote malicious users to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to lo...
Kleopatra Project Kleopatra
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
6.4
CVSSv2
CVE-2019-9149
Mailvelope before 3.3.0 allows private key operations without user interaction via its client-API. By modifying an URL parameter in Mailvelope, an attacker is able to sign (and encrypt) arbitrary messages with Mailvelope, assuming the private key password is cached. A second vuln...
Mailvelope Mailvelope
6.4
CVSSv2
CVE-2012-6579
Best Practical Solutions RT 3.8.x prior to 3.8.15 and 4.0.x prior to 4.0.8, when GnuPG is enabled, allows remote malicious users to configure encryption or signing for certain outbound e-mail, and possibly cause a denial of service (loss of e-mail readability), via an e-mail mess...
Bestpractical Request Tracker 3.8.7
Bestpractical Request Tracker 3.8.14
Bestpractical Request Tracker 3.8.9
Bestpractical Request Tracker 3.8.10
Bestpractical Request Tracker 3.8.13
Bestpractical Request Tracker 3.8.11
Bestpractical Request Tracker 3.8.12
Bestpractical Request Tracker 3.8.4
Bestpractical Request Tracker 3.8.3
Bestpractical Request Tracker 4.0.0
Bestpractical Request Tracker 4.0.6
Bestpractical Request Tracker 4.0.7
Bestpractical Request Tracker 4.0.5
Bestpractical Request Tracker 4.0.1
Bestpractical Request Tracker 4.0.2
Bestpractical Request Tracker 4.0.4
Bestpractical Request Tracker 4.0.3
5.8
CVSSv2
CVE-2022-34903
GnuPG up to and including 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
Gnupg Gnupg
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
5.8
CVSSv2
CVE-2013-4351
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote malicious users to bypass intended cryptographic protection mechanisms by leveraging the subkey.
Gnupg Gnupg 1.4.8
Gnupg Gnupg 1.4.10
Gnupg Gnupg 1.4.4
Gnupg Gnupg 1.4.0
Gnupg Gnupg 1.4.6
Gnupg Gnupg 1.4.13
Gnupg Gnupg 1.4.12
Gnupg Gnupg 1.4.2
Gnupg Gnupg 1.4.11
Gnupg Gnupg 1.4.3
Gnupg Gnupg 1.4.5
Gnupg Gnupg 2.0.1
Gnupg Gnupg 2.0.7
Gnupg Gnupg 2.0.15
Gnupg Gnupg 2.0.8
Gnupg Gnupg 2.0.11
Gnupg Gnupg 2.0.6
Gnupg Gnupg 2.0.10
Gnupg Gnupg 2.0.13
Gnupg Gnupg 2.0
Gnupg Gnupg 2.0.5
Gnupg Gnupg 2.0.17
5.8
CVSSv2
CVE-2012-6085
The read_block function in g10/import.c in GnuPG 1.4.x prior to 1.4.13 and 2.0.x up to and including 2.0.19, when importing a key, allows remote malicious users to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of a...
Gnupg Gnupg 1.4.8
Gnupg Gnupg 1.4.10
Gnupg Gnupg 1.4.4
Gnupg Gnupg 1.4.0
Gnupg Gnupg 1.4.12
Gnupg Gnupg 1.4.2
Gnupg Gnupg 1.4.11
Gnupg Gnupg 1.4.3
Gnupg Gnupg 1.4.5
Gnupg Gnupg 2.0.1
Gnupg Gnupg 2.0.7
Gnupg Gnupg 2.0.15
Gnupg Gnupg 2.0.8
Gnupg Gnupg 2.0.11
Gnupg Gnupg 2.0.6
Gnupg Gnupg 2.0.10
Gnupg Gnupg 2.0.13
Gnupg Gnupg 2.0
Gnupg Gnupg 2.0.5
Gnupg Gnupg 2.0.17
Gnupg Gnupg 2.0.12
Gnupg Gnupg 2.0.18
5.1
CVSSv2
CVE-2010-2547
Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x up to and including 2.0.16 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not...
Gnupg Gnupg
Fedoraproject Fedora 13
Debian Debian Linux 5.0
5
CVSSv2
CVE-2021-33560
Libgcrypt prior to 1.8.8 and 1.9.x prior to 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.
Gnupg Libgcrypt
Debian Debian Linux 9.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Oracle Communications Cloud Native Core Network Repository Function 1.14.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.9.0
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.1
Oracle Communications Cloud Native Core Binding Support Function 1.11.0
1 Github repository
5
CVSSv2
CVE-2019-14855
A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions prior to 2.2.18.
Gnupg Gnupg
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »