Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnupg vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2007-1266
Evolution 2.8.1 and previous versions does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote malicious users t...
Gnome Evolution
1 EDB exploit
755
VMScore
CVE-2001-0522
Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and previous versions can allow an malicious user to gain privileges via format strings in the original filename that is stored in an encrypted file.
Gnu Privacy Guard 7.1
Gnu Privacy Guard 7.2
Gnu Privacy Guard 8.0
1 EDB exploit
445
VMScore
CVE-2021-33560
Libgcrypt prior to 1.8.8 and 1.9.x prior to 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.
Gnupg Libgcrypt
Debian Debian Linux 9.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Oracle Communications Cloud Native Core Network Repository Function 1.14.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.9.0
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.1
Oracle Communications Cloud Native Core Binding Support Function 1.11.0
1 Github repository
505
VMScore
CVE-2007-1264
Enigmail 0.94.2 and previous versions does not properly use the --status-fd argument when invoking GnuPG, which prevents Enigmail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote malicious users to...
Enigmail Enigmail
1 EDB exploit
668
VMScore
CVE-2018-12356
An issue exists in password-store.sh in pass in Simple Password Store 1.7.x prior to 1.7.2. The signature verification routine parses the output of GnuPG with an incomplete regular expression, which allows remote malicious users to spoof file signatures on configuration files and...
Simple Password Store Project Simple Password Store
1 Article
231
VMScore
CVE-2001-0273
pgp4pine Pine/PGP interface version 1.75-6 does not properly check to see if a public key has expired when obtaining the keys via Gnu Privacy Guard (GnuPG), which causes the message to be sent in cleartext.
Holger Lamm Pgp4pine 1.75.6
668
VMScore
CVE-2003-0256
The GnuPG plugin in kopete prior to 0.6.2 does not properly cleanse the command line when executing gpg, which allows remote malicious users to execute arbitrary commands.
Kde Kopete 0.6.1
187
VMScore
CVE-2001-0071
gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows malicious users to modify the contents of a file without detection.
Gnu Privacy Guard 1.0.3b
Gnu Privacy Guard 1.0
Gnu Privacy Guard 1.0.1
Gnu Privacy Guard 1.0.2
Gnu Privacy Guard 1.0.3
668
VMScore
CVE-2000-0974
GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an malicious user to modify contents of all documents but the first without detection.
Gnu Privacy Guard 1.0.2
Gnu Privacy Guard 1.0.3
Gnu Privacy Guard 1.0
Gnu Privacy Guard 1.0.1
187
VMScore
CVE-2021-3349
GNOME Evolution up to and including 3.38.3 produces a "Valid signature" message for an unknown identifier on a previously trusted key because Evolution does not retrieve enough information from the GnuPG API. NOTE: third parties dispute the significance of this issue, a...
Gnome Evolution
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »