Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openpgp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-3521
There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a "binding signature." RPM does not check the binding signature of subkeys prior to importing them. If an attacker is able to add or socially engineer another pa...
Rpm Rpm
6.8
CVSSv2
CVE-2021-29967
Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thu...
Mozilla Firefox Esr
Mozilla Thunderbird
Mozilla Firefox
NA
CVE-2023-41037
OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. In affected versions OpenPGP Cleartext Signed Messages are cryptographically signed messages where the signed text is readable without special tools. These messages typically contain a "Hash: ..." header...
Openpgpjs Openpgpjs
4.3
CVSSv2
CVE-2010-3618
PGP Desktop 10.0.x prior to 10.0.3 SP2 and 10.1.0 prior to 10.1.0 SP1 does not properly implement the "Decrypt/Verify File via Right-Click" functionality for multi-packet OpenPGP messages that represent multi-message input, which allows remote malicious users to spoof s...
Pgp Desktop For Windows
Pgp Desktop For Windows 10.0.0
Pgp Desktop For Windows 10.0.1
Pgp Desktop For Windows 10.0.2
Pgp Desktop For Windows 10.0.3
Pgp Desktop For Windows 10.1.0
Pgp Desktop For Mac 10.1.0
Pgp Desktop For Mac 10.0.1
Pgp Desktop For Mac 10.0.2
Pgp Desktop For Mac 10.0.3
Pgp Desktop For Mac
Pgp Desktop For Mac 10.0.0
NA
CVE-2021-43529
Thunderbird versions before 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded D...
Mozilla Thunderbird
NA
CVE-2022-2226
An OpenPGP digital signature includes information about the date when the signature was created. When displaying an email that contains a digital signature, the email's date will be shown. If the dates were different, then Thunderbird didn't report the email as having a...
Mozilla Thunderbird
Mozilla Thunderbird 101.0
10
CVSSv2
CVE-2009-1358
apt-get in apt prior to 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote malicious users to trick apt into installing mali...
Debian Advanced Package Tool 0.7.21
Debian Advanced Package Tool 0.7.19
Debian Advanced Package Tool 0.7.16
Debian Advanced Package Tool 0.7.15
Debian Apt 0.7.9
Debian Apt 0.7.8
Debian Advanced Package Tool 0.7.2
Debian Advanced Package Tool 0.7.1
Debian Apt 0.6.46.1
Debian Apt 0.6.46
Debian Apt 0.6.45
Debian Apt 0.6.43.2
Debian Apt 0.6.43.1
Debian Apt 0.6.40.1
Debian Apt 0.6.40
Debian Apt 0.6.33
Debian Apt 0.6.32
Debian Apt 0.6.27
Debian Apt 0.6.20
Debian Apt 0.6.19
Debian Apt 0.6.11
Debian Apt 0.6.10
4.3
CVSSv2
CVE-2021-43528
Thunderbird unexpectedly enabled JavaScript in the composition area. The JavaScript execution context was limited to this area and did not receive chrome-level privileges, but could be used as a stepping stone to further an attack with other vulnerabilities. This vulnerability af...
Mozilla Thunderbird
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.8
CVSSv2
CVE-2012-6085
The read_block function in g10/import.c in GnuPG 1.4.x prior to 1.4.13 and 2.0.x up to and including 2.0.19, when importing a key, allows remote malicious users to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of a...
Gnupg Gnupg 1.4.8
Gnupg Gnupg 1.4.10
Gnupg Gnupg 1.4.4
Gnupg Gnupg 1.4.0
Gnupg Gnupg 1.4.12
Gnupg Gnupg 1.4.2
Gnupg Gnupg 1.4.11
Gnupg Gnupg 1.4.3
Gnupg Gnupg 1.4.5
Gnupg Gnupg 2.0.1
Gnupg Gnupg 2.0.7
Gnupg Gnupg 2.0.15
Gnupg Gnupg 2.0.8
Gnupg Gnupg 2.0.11
Gnupg Gnupg 2.0.6
Gnupg Gnupg 2.0.10
Gnupg Gnupg 2.0.13
Gnupg Gnupg 2.0
Gnupg Gnupg 2.0.5
Gnupg Gnupg 2.0.17
Gnupg Gnupg 2.0.12
Gnupg Gnupg 2.0.18
7.5
CVSSv2
CVE-2001-0522
Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and previous versions can allow an malicious user to gain privileges via format strings in the original filename that is stored in an encrypted file.
Gnu Privacy Guard 7.1
Gnu Privacy Guard 7.2
Gnu Privacy Guard 8.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »