Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnupg gnupg vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2006-3746
Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote malicious users to cause a denial of service (segmentation fault) via a crafted message.
Gnupg Gnupg 1.4.4
1 EDB exploit
505
VMScore
CVE-2006-3082
parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and previous versions versions, allows remote malicious users to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer over...
Gnupg Gnupg 1.4.3
Gnupg Gnupg
1 EDB exploit
465
VMScore
CVE-2006-0455
gpgv in GnuPG prior to 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded....
Gnu Privacy Guard 1.4.2
Gnu Privacy Guard 1.4
Gnu Privacy Guard 1.4.1
Gnu Privacy Guard 1.0.3
Gnu Privacy Guard 1.2.1
Gnu Privacy Guard 1.0.7
Gnu Privacy Guard 1.0.5
Gnu Privacy Guard 1.0.6
Gnu Privacy Guard 1.3.3
Gnu Privacy Guard 1.2.2
Gnu Privacy Guard 1.0
Gnu Privacy Guard 1.0.2
Gnu Privacy Guard 1.2.3
Gnu Privacy Guard 1.2.6
Gnu Privacy Guard 1.2.5
Gnu Privacy Guard 1.0.4
Gnu Privacy Guard 1.3.4
Gnu Privacy Guard 1.0.1
Gnu Privacy Guard 1.0.3b
Gnu Privacy Guard 1.2
Gnu Privacy Guard 1.2.7
Gnu Privacy Guard 1.2.4
1 EDB exploit
454
VMScore
CVE-2010-2547
Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x up to and including 2.0.16 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not...
Gnupg Gnupg
Fedoraproject Fedora 13
Debian Debian Linux 5.0
449
VMScore
CVE-2003-0971
GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal type 20 (sign+encrypt) keys using the same key component for encryption as for signing, which allows malicious users to determine the private key from a signature.
Gnu Privacy Guard 1.0.2
Gnu Privacy Guard 1.2.1
Gnu Privacy Guard 1.2.2
Gnu Privacy Guard 1.0.7
Gnu Privacy Guard 1.2
Gnu Privacy Guard 1.0.3
Gnu Privacy Guard 1.0.3b
Gnu Privacy Guard 1.2.3
Gnu Privacy Guard 1.0.4
Gnu Privacy Guard 1.0.5
Gnu Privacy Guard 1.0.6
14 Github repositories
447
VMScore
CVE-2019-13050
Interaction between the sks-keyserver code up to and including 1.2.0 of the SKS keyserver network, and GnuPG up to and including 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network...
Gnupg Gnupg
Sks Keyserver Project Sks Keyserver
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
F5 Traffix Signaling Delivery Controller
446
VMScore
CVE-2019-6690
python-gnupg 0.4.3 allows context-dependent malicious users to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input...
Python Python-gnupg 0.4.3
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.0
Suse Backports -
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
3 Github repositories
446
VMScore
CVE-2018-9234
GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey.
Gnupg Gnupg 2.2.4
Gnupg Gnupg 2.2.5
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
446
VMScore
CVE-2018-6829
cipher/elgamal.c in Libgcrypt up to and including 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows malicious users to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertex...
Gnupg Libgcrypt
445
VMScore
CVE-2021-33560
Libgcrypt prior to 1.8.8 and 1.9.x prior to 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.
Gnupg Libgcrypt
Debian Debian Linux 9.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Oracle Communications Cloud Native Core Network Repository Function 1.14.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.9.0
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.1
Oracle Communications Cloud Native Core Binding Support Function 1.11.0
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »