Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnupg vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2008-0166
OpenSSL 0.9.8c-1 up to versions prior to 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote malicious users to conduct brute force guessing attacks against cryptographic keys.
Openssl Openssl
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
3 EDB exploits
22 Github repositories
NA
CVE-2008-1530
GnuPG (gpg) 1.4.8 and 2.0.8 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via crafted duplicate keys that are imported from key servers, which triggers "memory corruption around deduplication of user IDs."
Gnupg Gnupg 1.4.8
Gnupg Gnupg 2.0.8
NA
CVE-2007-4995
Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 prior to 0.9.8f allows remote malicious users to execute arbitrary code via unspecified vectors.
Openssl Openssl 0.9.8d
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.8c
Openssl Openssl 0.9.8
Openssl Openssl 0.9.8a
NA
CVE-2007-3108
The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and previous versions does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.
Openssl Openssl
NA
CVE-2007-1263
GnuPG 1.4.6 and previous versions and GPGME prior to 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote malicious users to forge the contents of a message without...
Gnupg Gnupg
Gnu Gpgme
1 EDB exploit
NA
CVE-2007-1264
Enigmail 0.94.2 and previous versions does not properly use the --status-fd argument when invoking GnuPG, which prevents Enigmail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote malicious users to...
Enigmail Enigmail
1 EDB exploit
NA
CVE-2007-1265
KMail 1.9.5 and previous versions does not properly use the --status-fd argument when invoking GnuPG, which prevents KMail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote malicious users to forge ...
Kde K-mail 1.0.27
Kde K-mail 1.0.28
Kde K-mail 1.2
Kde K-mail 1.3.1
Kde K-mail 1.92
Kde K-mail 1.93
Kde K-mail 1.0.25
Kde K-mail 1.0.26
Kde K-mail 1.101
Kde K-mail 1.102
Kde K-mail 1.89
Kde K-mail 1.9.1
Kde K-mail 1.90
Kde K-mail 0.0.29.2
Kde K-mail 1.0.29
Kde K-mail 1.0.29.1
Kde K-mail 1.7.1
Kde K-mail 1.86.2.36
Kde K-mail 1.94
Kde K-mail 1.95
Kde K-mail 1.0.23
Kde K-mail 1.0.24
NA
CVE-2007-1266
Evolution 2.8.1 and previous versions does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote malicious users t...
Gnome Evolution
1 EDB exploit
NA
CVE-2007-1267
Sylpheed 2.2.7 and previous versions does not properly use the --status-fd argument when invoking GnuPG, which prevents Sylpheed from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote malicious users to ...
Sylpheed Sylpheed
NA
CVE-2007-1268
Mutt 1.5.13 and previous versions does not properly use the --status-fd argument when invoking GnuPG, which prevents Mutt from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote malicious users to forge t...
Mutt Mutt
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »