Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnupg gnupg 1.4 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2006-6169
Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow malicious users to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable_string functi...
Gnupg Gnupg 1.4
Gnupg Gnupg 2.0
5.8
CVSSv2
CVE-2013-4351
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote malicious users to bypass intended cryptographic protection mechanisms by leveraging the subkey.
Gnupg Gnupg 1.4.8
Gnupg Gnupg 1.4.6
Gnupg Gnupg 1.4.10
Gnupg Gnupg 1.4.0
Gnupg Gnupg 1.4.12
Gnupg Gnupg 1.4.11
Gnupg Gnupg 1.4.5
Gnupg Gnupg 1.4.4
Gnupg Gnupg 1.4.3
Gnupg Gnupg 1.4.2
Gnupg Gnupg 1.4.13
Gnupg Gnupg 2.0.13
Gnupg Gnupg 2.0.14
Gnupg Gnupg 2.0.4
Gnupg Gnupg 2.0.11
Gnupg Gnupg 2.0.12
Gnupg Gnupg 2.0.19
Gnupg Gnupg 2.0.3
Gnupg Gnupg 2.0
Gnupg Gnupg 2.0.15
Gnupg Gnupg 2.0.16
Gnupg Gnupg 2.0.6
5.8
CVSSv2
CVE-2012-6085
The read_block function in g10/import.c in GnuPG 1.4.x prior to 1.4.13 and 2.0.x up to and including 2.0.19, when importing a key, allows remote malicious users to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of a...
Gnupg Gnupg 1.4.8
Gnupg Gnupg 1.4.10
Gnupg Gnupg 1.4.4
Gnupg Gnupg 1.4.0
Gnupg Gnupg 1.4.12
Gnupg Gnupg 1.4.2
Gnupg Gnupg 1.4.11
Gnupg Gnupg 1.4.3
Gnupg Gnupg 1.4.5
Gnupg Gnupg 2.0.1
Gnupg Gnupg 2.0.7
Gnupg Gnupg 2.0.15
Gnupg Gnupg 2.0.8
Gnupg Gnupg 2.0.11
Gnupg Gnupg 2.0.6
Gnupg Gnupg 2.0.10
Gnupg Gnupg 2.0.13
Gnupg Gnupg 2.0
Gnupg Gnupg 2.0.5
Gnupg Gnupg 2.0.17
Gnupg Gnupg 2.0.12
Gnupg Gnupg 2.0.18
5
CVSSv2
CVE-2006-3746
Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote malicious users to cause a denial of service (segmentation fault) via a crafted message.
Gnupg Gnupg 1.4.4
1 EDB exploit
6.8
CVSSv2
CVE-2018-1000858
GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF, Information Disclosure, DoS. This attack appear to be exploitable via Victim must perform a WKD request, e.g. enter an email address in ...
Gnupg Gnupg
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 18.04
5
CVSSv2
CVE-2019-13050
Interaction between the sks-keyserver code up to and including 1.2.0 of the SKS keyserver network, and GnuPG up to and including 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network...
Gnupg Gnupg
Sks Keyserver Project Sks Keyserver
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
F5 Traffix Signaling Delivery Controller
4.6
CVSSv2
CVE-2006-0455
gpgv in GnuPG prior to 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded....
Gnu Privacy Guard 1.4.2
Gnu Privacy Guard 1.4
Gnu Privacy Guard 1.4.1
Gnu Privacy Guard 1.0.3
Gnu Privacy Guard 1.2.1
Gnu Privacy Guard 1.0.7
Gnu Privacy Guard 1.0.5
Gnu Privacy Guard 1.0.6
Gnu Privacy Guard 1.3.3
Gnu Privacy Guard 1.2.2
Gnu Privacy Guard 1.0
Gnu Privacy Guard 1.0.2
Gnu Privacy Guard 1.2.3
Gnu Privacy Guard 1.2.6
Gnu Privacy Guard 1.2.5
Gnu Privacy Guard 1.0.4
Gnu Privacy Guard 1.3.4
Gnu Privacy Guard 1.0.1
Gnu Privacy Guard 1.0.3b
Gnu Privacy Guard 1.2
Gnu Privacy Guard 1.2.7
Gnu Privacy Guard 1.2.4
1 EDB exploit
5
CVSSv2
CVE-2006-0049
gpg in GnuPG prior to 1.4.2.2 does not properly verify non-detached signatures, which allows malicious users to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is ...
Gnu Privacy Guard 1.0
Gnu Privacy Guard 1.0.1
Gnu Privacy Guard 1.0.7
Gnu Privacy Guard 1.2
Gnu Privacy Guard 1.2.7
Gnu Privacy Guard 1.3.3
Gnu Privacy Guard 1.0.5
Gnu Privacy Guard 1.0.6
Gnu Privacy Guard 1.2.5
Gnu Privacy Guard 1.2.6
Gnu Privacy Guard 1.4.2.1
Gnu Privacy Guard 1.0.2
Gnu Privacy Guard 1.0.3
Gnu Privacy Guard 1.2.1
Gnu Privacy Guard 1.2.2
Gnu Privacy Guard 1.3.4
Gnu Privacy Guard 1.4
Gnu Privacy Guard 1.0.3b
Gnu Privacy Guard 1.0.4
Gnu Privacy Guard 1.2.3
Gnu Privacy Guard 1.2.4
Gnu Privacy Guard 1.4.1
10
CVSSv2
CVE-2006-6235
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x prior to 1.4.6, 2.x prior to 2.0.2, and 1.9.0 up to and including 1.9.95 allows malicious users to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated...
Gnu Privacy Guard 1.3.4
Gnu Privacy Guard 1.4
Gnu Privacy Guard 1.4.1
Gnu Privacy Guard 1.9.10
Gnu Privacy Guard 1.9.15
Gnu Privacy Guard 1.2.7
Gnu Privacy Guard 1.3.3
Gnu Privacy Guard 1.4.4
Gnu Privacy Guard 1.4.5
Gnu Privacy Guard 1.2.4
Gnu Privacy Guard 1.4.2
Gnu Privacy Guard 1.4.2.1
Gnu Privacy Guard 1.9.20
Gnu Privacy Guard 2.0
Gnu Privacy Guard 1.2.5
Gnu Privacy Guard 1.2.6
Gnu Privacy Guard 1.4.2.2
Gnu Privacy Guard 1.4.3
Gnu Privacy Guard 2.0.1
Gpg4win Gpg4win 1.0.7
Redhat Enterprise Linux 4.0
Ubuntu Ubuntu Linux 5.10
6.8
CVSSv2
CVE-2014-3564
Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME prior to 1.5.1 allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "different...
Gnu Gpgme
Debian Debian Linux 6.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started