Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnupg gnupg vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2016-4355
Multiple integer overflows in ber-decoder.c in Libksba prior to 1.3.3 allow remote malicious users to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.
Gnupg Libksba
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
5
CVSSv2
CVE-2016-4356
The append_utf8_value function in the DN decoder (dn.c) in Libksba prior to 1.3.3 allows remote malicious users to cause a denial of service (out-of-bounds read) by clearing the high bit of the byte after invalid utf-8 encoded data.
Gnupg Libksba
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
5
CVSSv2
CVE-2016-4354
ber-decoder.c in Libksba prior to 1.3.3 uses an incorrect integer data type, which allows remote malicious users to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Gnupg Libksba
5
CVSSv2
CVE-2016-4353
ber-decoder.c in Libksba prior to 1.3.3 does not properly handle decoder stack overflows, which allows remote malicious users to cause a denial of service (abort) via crafted BER data.
Gnupg Libksba
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
5
CVSSv2
CVE-2016-1404
Cisco UCS Invicta 4.3, 4.5, and 5.0.1 on Invicta appliances and Invicta Scaling System uses the same hardcoded GnuPG encryption key across different customers' installations, which allows remote malicious users to defeat cryptographic protection mechanisms by sniffing networ...
Cisco Ucs Invicta C3124sa Appliance 4.5 Base
Cisco Ucs Invicta C3124sa Appliance 4.3 Base
Cisco Ucs Invicta C3124sa Appliance 4.3.1
Cisco Ucs Invicta C3124sa Appliance 4.5.0
Cisco Ucs Invicta C3124sa Appliance 5.0.1
Cisco Ucs Invicta C3124sa Appliance 5.0 Base
1.9
CVSSv2
CVE-2015-7511
Libgcrypt prior to 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate malicious users to extract ECDH keys by measuring electromagnetic emanations.
Gnupg Libgcrypt
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
1 Article
4.3
CVSSv2
CVE-2015-6506
Cross-site scripting (XSS) vulnerability in the cryptography interface in Request Tracker (RT) prior to 4.2.12 allows remote malicious users to inject arbitrary web script or HTML via a crafted public key.
Bestpractical Request Tracker
4.3
CVSSv2
CVE-2015-5475
Multiple cross-site scripting (XSS) vulnerabilities in Request Tracker (RT) 4.x prior to 4.2.12 allow remote malicious users to inject arbitrary web script or HTML via vectors related to the (1) user and (2) group rights management pages.
Bestpractical Request Tracker
7.5
CVSSv2
CVE-2014-9087
Integer underflow in the ksba_oid_to_str function in Libksba prior to 1.3.2, as used in GnuPG, allows remote malicious users to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or (2) ECC based OpenPGP data, which triggers a buffer overflow.
Mageia Mageia 3.0
Mageia Mageia 4.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Gnupg Libksba
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Gnupg Gnupg 2.1.0
4.4
CVSSv2
CVE-2014-1929
python-gnupg 0.3.5 and 0.3.6 allows context-dependent malicious users to have an unspecified impact via vectors related to "option injection through positional arguments." NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7323.
Python-gnupg Project Python-gnupg 0.3.6
Python-gnupg Project Python-gnupg 0.3.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »