CVSS: 7.5EPSS: 1%CPEs: 30EXPL: 0CVE-2013-4351 – gnupg: treats no-usage-permitted keys as all-usages-permitted
https://notcve.org/view.php?id=CVE-2013-4351
09 Oct 2013 — GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey. GnuPG 1.4.x, y 2.1.x trata un subpaquete de flags clave con todos los bits a 0 (sin uso permitido) como si tuviera todos los bits establecidos (todo uso permitido) lo que permitiría a atacantes remotos evadir mecanismos de protección criptográfi... • http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 4%CPEs: 29EXPL: 0CVE-2013-4402 – GnuPG: infinite recursion in the compressed packet parser DoS
https://notcve.org/view.php?id=CVE-2013-4402
09 Oct 2013 — The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message. El analizador de paquetes comprimido en GnuPG versiones 1.4.x anteriores a 1.4.15 y versiones 2.0.x anteriores a 2.0.22, permite a los atacantes remotos causar una denegación de servicio (recursión infinita) por medio de un mensaje OpenPGP diseñado. The GNU Privacy Guard is a tool for encrypting data and creating digital si... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725433 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 96EXPL: 0CVE-2013-4242 – GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack
https://notcve.org/view.php?id=CVE-2013-4242
29 Jul 2013 — GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload. GnuPG anterior a 1.4.14, y Libgcrypt anterior a 1.5.3 usado en GnuPG 2.0.x y posiblemente otros productos, permite a usuarios locales obtener las claves RSA privadas a través de un ataque "side-channel" que involucra la caché L3. Aka Flush+Reload. The GNU Privacy Guard is a tool for encrypti... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717880 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 2%CPEs: 27EXPL: 1CVE-2012-6085 – GnuPG: read_block() corrupt key input validation
https://notcve.org/view.php?id=CVE-2012-6085
24 Jan 2013 — The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet. La función "read_block" en g10/import.c en GnuPG v1.4.x anterior a v1.4.13 y v2.0.x a la v2.0.19, cuando se importa una clave, permite a atacantes remotos corromper la base de datos del anillo de claves publicas (caída de la aplicació... • http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git%3Ba=commitdiff%3Bh=f0b33b6fb8e0586e9584a7a409dcc31263776a67 • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 15%CPEs: 3EXPL: 0CVE-2010-2547 – 2: use-after-free when importing certificate with many alternate names
https://notcve.org/view.php?id=CVE-2010-2547
05 Aug 2010 — Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not properly handled in a realloc operation when importing the certificate or verifying its signature. Vulnerabilidad de uso después de la liberación (use-after-free) en kbx/keybox-blob.c en GPGSM de GnuPG v2.x hasta v2.0.16 permite a atacantes remotos ... • http://lists.fedoraproject.org/pipermail/package-announce/2010-August/044935.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 0CVE-2008-1530
https://notcve.org/view.php?id=CVE-2008-1530
27 Mar 2008 — GnuPG (gpg) 1.4.8 and 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted duplicate keys that are imported from key servers, which triggers "memory corruption around deduplication of user IDs." GnuPG (gpg) 1.4.8 y 2.0.8 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección a través de claves duplicadas manipuladas que son importadas de un servidor de claves, lo cual dispara "corrupc... • http://lists.gnupg.org/pipermail/gnupg-announce/2008q1/000272.html • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 16%CPEs: 2EXPL: 1CVE-2007-1263 – GnuPG 1.x - Signed Message Arbitrary Content Injection
https://notcve.org/view.php?id=CVE-2007-1263
06 Mar 2007 — GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection. GnuPG 1.4.6 y anteriores y GPGME anterior a 1.1.4, al ser ejecutado desde la línea de comandos, no distingue visualmente trozos firmados de no firmados en mensajes OpenPGP con múltiples componentes, lo cual podría permitir a atacantes rem... • https://www.exploit-db.com/exploits/29689 •
CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 0CVE-2006-6169 – : gnupg2 < 2.0.1 buffer overflow
https://notcve.org/view.php?id=CVE-2006-6169
29 Nov 2006 — Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable_string function to return a longer string than expected while constructing a prompt. Desbordamiento de búfer basado en montículo en la función ask_outfile_name en el openfile.c para GnuPG (gpg) 1.4 y 2.0, cuando se está ejecutando interactivamente, podría permi... • ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc •
CVSS: 9.8EPSS: 32%CPEs: 1EXPL: 4CVE-2006-3746 – GnuPG 1.4/1.9 - Parse_Comment Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-3746
28 Jul 2006 — Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message. Desbordamiento de búfer de enteros en parse_comment en GnuPG (gpg) 1.4.4 permite a atacantes remotos provocar denegación de servicio (fallo de segmentación) a través de un mensaje manipulado. • https://www.exploit-db.com/exploits/28257 •
CVSS: 7.5EPSS: 22%CPEs: 2EXPL: 1CVE-2006-3082 – GnuPG 1.4.3/1.9.x - Parse_User_ID Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-3082
19 Jun 2006 — parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option. parse-packet.c en GnuPG (gpg) v1.4.3, v1.9.20 y versiones anteriores, permite a atacantes remotos provocar una denegación de servicio (caída de gpg) y posiblemente sobrescribir la memoria a través ... • https://www.exploit-db.com/exploits/28077 • CWE-189: Numeric Errors •