Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnupg gnupg vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2007-1267
Sylpheed 2.2.7 and previous versions does not properly use the --status-fd argument when invoking GnuPG, which prevents Sylpheed from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote malicious users to ...
Sylpheed Sylpheed
5
CVSSv2
CVE-2007-1268
Mutt 1.5.13 and previous versions does not properly use the --status-fd argument when invoking GnuPG, which prevents Mutt from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote malicious users to forge t...
Mutt Mutt
5
CVSSv2
CVE-2007-1269
GNUMail 1.1.2 and previous versions does not properly use the --status-fd argument when invoking GnuPG, which prevents GNUMail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote malicious users to fo...
Gnu Gnumail
5
CVSSv2
CVE-2006-3746
Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote malicious users to cause a denial of service (segmentation fault) via a crafted message.
Gnupg Gnupg 1.4.4
1 EDB exploit
5
CVSSv2
CVE-2006-3082
parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and previous versions versions, allows remote malicious users to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer over...
Gnupg Gnupg 1.4.3
Gnupg Gnupg
1 EDB exploit
5
CVSSv2
CVE-2006-0049
gpg in GnuPG prior to 1.4.2.2 does not properly verify non-detached signatures, which allows malicious users to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is ...
Gnu Privacy Guard 1.0
Gnu Privacy Guard 1.0.1
Gnu Privacy Guard 1.0.7
Gnu Privacy Guard 1.2
Gnu Privacy Guard 1.2.7
Gnu Privacy Guard 1.3.3
Gnu Privacy Guard 1.0.5
Gnu Privacy Guard 1.0.6
Gnu Privacy Guard 1.2.5
Gnu Privacy Guard 1.2.6
Gnu Privacy Guard 1.4.2.1
Gnu Privacy Guard 1.0.2
Gnu Privacy Guard 1.0.3
Gnu Privacy Guard 1.2.1
Gnu Privacy Guard 1.2.2
Gnu Privacy Guard 1.3.4
Gnu Privacy Guard 1.4
Gnu Privacy Guard 1.0.3b
Gnu Privacy Guard 1.0.4
Gnu Privacy Guard 1.2.3
Gnu Privacy Guard 1.2.4
Gnu Privacy Guard 1.4.1
5
CVSSv2
CVE-2005-0366
The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback (CFB) mode, allows remote malicious users to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are known, and an oracle or...
Gnupg Gnupg
5
CVSSv2
CVE-2003-0971
GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal type 20 (sign+encrypt) keys using the same key component for encryption as for signing, which allows malicious users to determine the private key from a signature.
Gnu Privacy Guard 1.0.2
Gnu Privacy Guard 1.2.1
Gnu Privacy Guard 1.2.2
Gnu Privacy Guard 1.0.7
Gnu Privacy Guard 1.2
Gnu Privacy Guard 1.0.3
Gnu Privacy Guard 1.0.3b
Gnu Privacy Guard 1.2.3
Gnu Privacy Guard 1.0.4
Gnu Privacy Guard 1.0.5
Gnu Privacy Guard 1.0.6
14 Github repositories
5
CVSSv2
CVE-2001-0072
gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an malicious user to break the web of trust.
Gnu Privacy Guard 1.0.2
Gnu Privacy Guard 1.0.3
Gnu Privacy Guard 1.0.3b
Gnu Privacy Guard 1.0
Gnu Privacy Guard 1.0.1
4.6
CVSSv2
CVE-2014-1928
The shell_quote function in python-gnupg 0.3.5 does not properly escape characters, which allows context-dependent malicious users to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "\" (backslash) characters to form multi-c...
Python-gnupg Project Python-gnupg
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »