Search CVE reports
31 – 38 of 38 results
CVE-2007-1263
Unknown prioritySome fixes available 23 of 24
GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge...
3 affected packages
gnupg, gnupg2, gpgme1.0
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gnupg | — | — | — | — | — |
gnupg2 | — | — | — | — | — |
gpgme1.0 | — | — | — | — | — |
CVE-2006-6235
Unknown prioritySome fixes available 15 of 16
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function...
2 affected packages
gnupg, gnupg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gnupg | — | — | — | — | — |
gnupg2 | — | — | — | — | — |
CVE-2006-6169
Unknown prioritySome fixes available 10 of 11
Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which...
2 affected packages
gnupg, gnupg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gnupg | — | — | — | — | — |
gnupg2 | — | — | — | — | — |
CVE-2006-3746
Unknown prioritySome fixes available 15 of 16
Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message.
2 affected packages
gnupg, gnupg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gnupg | — | — | — | — | — |
gnupg2 | — | — | — | — | — |
CVE-2006-3082
Unknown prioritySome fixes available 15 of 16
parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string),...
2 affected packages
gnupg, gnupg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gnupg | — | — | — | — | — |
gnupg2 | — | — | — | — | — |
CVE-2006-0049
Unknown prioritygpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated...
1 affected package
gnupg
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gnupg | — | — | — | — | — |
CVE-2006-0455
Unknown prioritygpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to...
1 affected package
gnupg
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gnupg | — | — | — | — | — |
CVE-2005-0366
Unknown priorityThe integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback (CFB) mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of...
1 affected package
gnupg
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gnupg | — | — | — | — | — |