Lucene search
K

410 matches found

OSV
OSV
added 2016/12/13 8:59 p.m.2 views

DEBIAN-CVE-2016-6313

The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits...

5.3CVSS5.7AI score0.03597EPSS
Exploits0References1
Fedora
Fedora
added 2016/09/07 1:52 a.m.29 views

[SECURITY] Fedora 23 Update: libgcrypt-1.6.6-1.fc23

Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...

5.3CVSS2.5AI score0.03597EPSS
Exploits0
Fedora
Fedora
added 2016/08/27 11:9 a.m.29 views

[SECURITY] Fedora 25 Update: libgcrypt-1.6.6-1.fc25

Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...

5.3CVSS2.5AI score0.03597EPSS
Exploits0
Fedora
Fedora
added 2016/08/20 9:53 p.m.14 views

[SECURITY] Fedora 24 Update: libgcrypt-1.6.6-1.fc24

Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...

2.5AI score
Exploits0
OSV
OSV
added 2016/08/18 6:28 p.m.2 views

USN-3064-1 gnupg vulnerability

Felix Dörre and Vladimir Klebanov discovered that GnuPG incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output...

5.3CVSS6.3AI score0.03597EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2016/08/18 12:39 p.m.49 views

GPG Patches 18-Year-Old Libgcrypt RNG Bug

New versions of Libgcrypt and Gnu Privacy Guard GnuPG or GPG released on Wednesday include security fixes for vulnerabilities discovered in the mixing functions of the Libgcrypt random number generator. The flaws were privately disclosed by Felix Dörre and Vladimir Klebanov of Karlsruhe Institute...

4.3CVSS6.7AI score0.03438EPSS
Exploits0References3
OSV
OSV
added 2016/08/17 12:0 a.m.2 views

UBUNTU-CVE-2016-6313

The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits...

5.3CVSS6.3AI score0.03597EPSS
Exploits0References5
Fedora
Fedora
added 2016/08/05 8:52 p.m.31 views

[SECURITY] Fedora 23 Update: libgcrypt-1.6.5-1.fc23

Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...

2CVSS2.5AI score0.00429EPSS
Exploits0
Fedora
Fedora
added 2016/07/22 6:24 p.m.28 views

[SECURITY] Fedora 24 Update: libgcrypt-1.6.5-1.fc24

Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...

2CVSS2.5AI score0.00429EPSS
Exploits0
hackapp
hackapp
added 2016/03/16 10:18 p.m.17 views

Gnu Privacy Guard - Dangerous filesystem permissions, Exported ContentProvider, Runtime privilege escalation vulnerabilities

HackApp vulnerability scanner discovered that application Gnu Privacy Guard published at the 'play' market has multiple vulnerabilities...

1.1AI score
Exploits0References1Affected Software1
Cent OS
Cent OS
added 2015/11/30 7:33 p.m.97 views

grub2 security update

CentOS Errata and Security Advisory CESA-2015:2401 Updated grub2 packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scori...

2.6CVSS5.7AI score0.00335EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2015/11/19 6:2 a.m.4 views

redhat-upgrade-tool: does not check GPG signatures on package installation

It was found that the redhat-upgrade-tool did not check GPG signatures on downloaded and installed packages during the upgrade process...

10CVSS7.3AI score0.01064EPSS
Exploits0References4
CNVD
CNVD
added 2015/10/15 12:0 a.m.4 views

Simple Streams Disk Forgery Vulnerability

Simple Streams is a library and tool for using simple streaming data. A vulnerability in Simple Streams fails to properly validate the GPG signature of a disk image file. Allowing a remote attacker to forge a disk image with a 403 response...

6.8CVSS6.9AI score0.01709EPSS
Exploits1References1
OSV
OSV
added 2015/06/01 12:0 a.m.4 views

UBUNTU-CVE-2015-0839

The hp-plugin utility in HP Linux Imaging and Printing HPLIP makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to verify print plugin downloads...

8.1CVSS7.6AI score0.06296EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2015/04/29 12:0 a.m.7 views

Vulnerabilities of the SUSE Linux Enterprise operating system, which allow a malicious individual to compromise the integrity of protected information

The multiple vulnerabilities of the gpg package in the SUSE Linux Enterprise operating system can be exploited, leading to a breach of the integrity of the protected information. These vulnerabilities can be exploited remotely...

5CVSS7.1AI score0.01736EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.5 views

The vulnerability of the CentOS operating system allows a malicious attacker to compromise the integrity and accessibility of protected information.

The vulnerability of the gnupg-1.4.5 package of the CentOS operating system can lead to a violation of the integrity and accessibility of protected information. This vulnerability can be exploited remotely...

5.8CVSS6.6AI score0.00451EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.3 views

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the integrity and accessibility of protected information.

The vulnerability of the gnupg-1.4.5 package of the Red Hat Enterprise Linux operating system can lead to a violation of the integrity and accessibility of protected information. This vulnerability can be exploited remotely...

5.8CVSS6.6AI score0.00451EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.11 views

Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities of the gpg package in the OpenSUSE operating system can be exploited, leading to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

10CVSS7.1AI score0.05713EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.5 views

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the gnupg-1.2.6 package for the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

10CVSS5.4AI score0.05359EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.13 views

Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the gpg2 package of the OpenSUSE operating system can lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

10CVSS7.1AI score0.05713EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder