Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnupg vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2017-0379
Libgcrypt prior to 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for malicious users to discover a secret key, related to cipher/ecc.c and mpi/ec.c.
Gnupg Libgcrypt
Debian Debian Linux 9.0
383
VMScore
CVE-2019-12904
In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.) NOTE: the ven...
Gnupg Libgcrypt 1.8.4
Opensuse Leap 15.0
447
VMScore
CVE-2019-13050
Interaction between the sks-keyserver code up to and including 1.2.0 of the SKS keyserver network, and GnuPG up to and including 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network...
Gnupg Gnupg
Sks Keyserver Project Sks Keyserver
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
F5 Traffix Signaling Delivery Controller
516
VMScore
CVE-2022-34903
GnuPG up to and including 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
Gnupg Gnupg
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
445
VMScore
CVE-2016-4353
ber-decoder.c in Libksba prior to 1.3.3 does not properly handle decoder stack overflows, which allows remote malicious users to cause a denial of service (abort) via crafted BER data.
Gnupg Libksba
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
445
VMScore
CVE-2016-4354
ber-decoder.c in Libksba prior to 1.3.3 uses an incorrect integer data type, which allows remote malicious users to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Gnupg Libksba
445
VMScore
CVE-2016-4355
Multiple integer overflows in ber-decoder.c in Libksba prior to 1.3.3 allow remote malicious users to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.
Gnupg Libksba
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
445
VMScore
CVE-2016-4356
The append_utf8_value function in the DN decoder (dn.c) in Libksba prior to 1.3.3 allows remote malicious users to cause a denial of service (out-of-bounds read) by clearing the high bit of the byte after invalid utf-8 encoded data.
Gnupg Libksba
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
642
VMScore
CVE-2021-3345
_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. It is recommended to upgrade to 1.9.1 or later.
Gnupg Libgcrypt 1.9.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
2 Github repositories
NA
CVE-2022-47629
Libksba prior to 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.
Gnupg Libksba
Debian Debian Linux 10.0
Debian Debian Linux 11.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »