Gnupg

Gnupg

36 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 4.04%
  • Veröffentlicht 27.03.2008 23:44:00
  • Zuletzt bearbeitet 16.06.2026 22:51:55

GnuPG (gpg) 1.4.8 and 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted duplicate keys that are imported from key servers, which triggers "memory corruption around deduplication of user...

  • EPSS 5.36%
  • Veröffentlicht 06.03.2007 20:19:00
  • Zuletzt bearbeitet 16.06.2026 22:37:15

GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a mes...

  • EPSS 3.17%
  • Veröffentlicht 29.11.2006 18:28:00
  • Zuletzt bearbeitet 16.06.2026 22:32:36

Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable...

Exploit
  • EPSS 7.08%
  • Veröffentlicht 28.07.2006 21:04:00
  • Zuletzt bearbeitet 16.06.2026 22:27:43

Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message.

  • EPSS 7.17%
  • Veröffentlicht 19.06.2006 18:02:00
  • Zuletzt bearbeitet 16.06.2026 22:26:21

parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to a...

  • EPSS 2.95%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:10:59

The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback (CFB) mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are...