Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.5 views

Siemens Ruggedcom ROX Improper Input Validation (CVE-2018-9234)

GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey. This plugin only works with Tenable.ot. Please visit...

7.5CVSS6.8AI score0.02082EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2018-9234

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid...

7.5CVSS6.7AI score0.02082EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.19 views

RHEL 5 : gnupg (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing...

8AI score0.02663EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/09/29 12:0 a.m.27 views

SUSE SLES12 Security Update : gpg2 (SUSE-SU-2023:3857-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3857-1 advisory. - CVE-2018-9234: Fixed unenforced configuration allows for apparently valid certifications actually signed by signing subkeys bsc1088255...

7.5CVSS6.9AI score0.02082EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2023/09/29 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2023:3857-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.02082EPSS
Exploits0References4
OSV
OSV
added 2023/09/28 8:32 a.m.6 views

SUSE-SU-2023:3857-1 Security update for gpg2

This update for gpg2 fixes the following issues: - CVE-2018-9234: Fixed unenforced configuration allows for apparently valid certifications actually signed by signing subkeys bsc1088255...

7.5CVSS7.5AI score0.02082EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.12 views

Mageia: Security Advisory (MGASA-2018-0254)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.02082EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/03/24 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for gnupg2 (EulerOS-SA-2021-1677)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.02082EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.25 views

EulerOS Virtualization 3.0.6.6 : gnupg2 (EulerOS-SA-2021-1479)

According to the version of the gnupg2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which resul...

7.5CVSS6.9AI score0.02082EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/03/05 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for gnupg2 (EulerOS-SA-2021-1435)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.02082EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.21 views

Huawei EulerOS: Security Advisory for gnupg2 (EulerOS-SA-2019-2589)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.03305EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for gnupg2 (EulerOS-SA-2019-2393)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.03305EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/12/10 12:0 a.m.22 views

EulerOS 2.0 SP2 : gnupg2 (EulerOS-SA-2019-2393)

According to the versions of the gnupg2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in...

7.5CVSS6.8AI score0.03305EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2018/06/12 12:0 a.m.30 views

Ubuntu: Security Advisory (USN-3675-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.2AI score0.08654EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2018/06/11 9:53 p.m.71 views

USN-3675-1: GnuPG vulnerabilities

Marcus Brinkmann discovered that during decryption or verification, GnuPG did not properly filter out terminal sequences when reporting the original filename. An attacker could use this to specially craft a file that would cause an application parsing GnuPG output to incorrectly interpret the...

7.5CVSS7.1AI score0.08654EPSS
Exploits0
Amazon
Amazon
added 2018/05/25 12:0 a.m.528 views

Low: gnupg2

Issue Overview: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys: GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that...

7.5CVSS7AI score0.02082EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/04/18 12:0 a.m.33 views

Fedora 26 : gnupg2 (2018-42a426b17e)

Minor update from upstream with fix for CVE-2018-9234 and other bug fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

7.5CVSS6.8AI score0.02082EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/04/18 12:0 a.m.19 views

Fedora Update for gnupg2 FEDORA-2018-42a426b17e

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.02082EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/04/16 12:0 a.m.26 views

Fedora 27 : gnupg2 (2018-3fc05e009d)

Minor update from upstream with fix for CVE-2018-9234 and other bug fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

7.5CVSS6.8AI score0.02082EPSS
Exploits0References2
OSV
OSV
added 2018/04/04 12:29 a.m.12 views

CVE-2018-9234

GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey...

7.5CVSS7.5AI score
Exploits0References2
Rows per page
Query Builder