Lucene search
K

410 matches found

RedhatCVE
RedhatCVE
added 2026/01/28 6:20 a.m.7 views

CVE-2026-24881

A flaw was found in GnuPG. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. This message, containing an oversized wrapped session key, can cause a stack-based buffer overflow in the gpg-agent component...

9.8CVSS6.3AI score0.01745EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/01/28 6:14 a.m.7 views

CVE-2026-24882

A flaw was found in GnuPG. This vulnerability, a stack-based buffer overflow, occurs in the tpm2daemon component when processing PKDECRYPT commands for cryptographic keys secured by a Trusted Platform Module TPM. A local attacker could exploit this to execute unauthorized code, potentially gainin...

8.4CVSS6.1AI score0.00421EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/01/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-24881

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GnuPG before 2.5.17, a crafted CMS S/MIME EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agen...

9.8CVSS6.5AI score0.01745EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/28 12:0 a.m.5 views

RHEL 8 : gnupg2 (RHSA-2026:1468)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1468 advisory. The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Securi...

7.8CVSS6.3AI score0.00129EPSS
Exploits1References4
NVD
NVD
added 2026/01/27 7:16 p.m.10 views

CVE-2026-24881

In GnuPG before 2.5.17, a crafted CMS S/MIME EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agent during PKDECRYPT--kem=CMS handling. This can easily be leveraged for denial of service; however, there is also memory corruption that...

9.8CVSS0.01745EPSS
Exploits1References5
NVD
NVD
added 2026/01/27 7:16 p.m.10 views

CVE-2026-24882

In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys...

8.4CVSS0.00421EPSS
Exploits1References7
Debian CVE
Debian CVE
added 2026/01/27 6:43 p.m.7 views

CVE-2026-24883

In GnuPG before 2.5.17, a long signature packet length causes parsesignature to return success with sig-data set to a NULL value, leading to a denial of service application crash...

5.5CVSS5.2AI score0.00447EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/01/27 6:43 p.m.5 views

CVE-2026-24883

In GnuPG before 2.5.17, a long signature packet length causes parsesignature to return success with sig-data set to a NULL value, leading to a denial of service application crash...

3.7CVSS5.9AI score0.00447EPSS
Exploits0References2
CVE
CVE
added 2026/01/27 6:43 p.m.26 views

CVE-2026-24883

CVE-2026-24883 affects GnuPG prior to 2.5.17. A long signature packet length makes parse_signature return success with sig->data[] set to NULL, causing a denial of service (application crash). Multiple advisories (SUSE/openSUSE) reference this issue; remediation is to apply the fixed version (...

5.5CVSS5.9AI score0.00447EPSS
Exploits0References2Affected Software2
EUVD
EUVD
added 2026/01/27 6:43 p.m.6 views

EUVD-2026-4770

In GnuPG before 2.5.17, a long signature packet length causes parsesignature to return success with sig-data set to a NULL value, leading to a denial of service application crash...

3.7CVSS5.9AI score0.00447EPSS
Exploits0References2
OSV
OSV
added 2026/01/27 6:43 p.m.5 views

CVE-2026-24883

In GnuPG before 2.5.17, a long signature packet length causes parsesignature to return success with sig-data set to a NULL value, leading to a denial of service application crash...

3.7CVSS5.3AI score0.00447EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/27 6:40 p.m.7 views

CVE-2026-24882

In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys...

8.4CVSS6.2AI score0.00421EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/01/27 6:40 p.m.20 views

CVE-2026-24882

In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys...

8.4CVSS0.00421EPSS
Exploits1References2
CVE
CVE
added 2026/01/27 6:40 p.m.58 views

CVE-2026-24882

CVE-2026-24882 : In GnuPG

8.4CVSS6.2AI score0.00421EPSS
Exploits1References7Affected Software2
Debian CVE
Debian CVE
added 2026/01/27 6:40 p.m.3 views

CVE-2026-24882

In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys...

8.4CVSS6AI score0.00421EPSS
Exploits1
OSV
OSV
added 2026/01/27 6:40 p.m.7 views

CVE-2026-24882

In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys...

8.4CVSS5.6AI score0.00421EPSS
Exploits1References9
CVE
CVE
added 2026/01/27 6:36 p.m.34 views

CVE-2026-24881

CVE-2026-24881 affects GnuPG before 2.5.17. A crafted CMS (S/MIME) EnvelopedData message with an oversized wrapped session key can trigger a stack-based buffer overflow in gpg-agent during PKDECRYPT--kem=CMS handling. This may lead to denial of service, and memory corruption could enable remote c...

9.8CVSS6.5AI score0.01745EPSS
Exploits1References5Affected Software2
EUVD
EUVD
added 2026/01/27 6:36 p.m.9 views

EUVD-2026-4768

In GnuPG before 2.5.17, a crafted CMS S/MIME EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agent during PKDECRYPT--kem=CMS handling. This can easily be leveraged for denial of service; however, there is also memory corruption that...

8.1CVSS6.5AI score0.01745EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/01/27 6:36 p.m.3 views

CVE-2026-24881

In GnuPG before 2.5.17, a crafted CMS S/MIME EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agent during PKDECRYPT--kem=CMS handling. This can easily be leveraged for denial of service; however, there is also memory corruption that...

8.1CVSS6.5AI score0.01745EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/01/27 6:36 p.m.10 views

CVE-2026-24881

In GnuPG before 2.5.17, a crafted CMS S/MIME EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agent during PKDECRYPT--kem=CMS handling. This can easily be leveraged for denial of service; however, there is also memory corruption that...

9.8CVSS6.7AI score0.01745EPSS
Exploits1
Rows per page
Query Builder