CVE-2026-2686

A security vulnerability has been detected in SECCN Dingcheng G10 3.1.0.181203. This impacts the function qq of the file /cgi-bin/sessionlogin.cgi. The manipulation of the argument User leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclose...

CVE-2026-2686

A security vulnerability has been detected in SECCN Dingcheng G10 3.1.0.181203. This impacts the function qq of the file /cgi-bin/sessionlogin.cgi. The manipulation of the argument User leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclose...

CVE-2026-2686 SECCN Dingcheng G10 session_login.cgi qq os command injection

A security vulnerability has been detected in SECCN Dingcheng G10 3.1.0.181203. This impacts the function qq of the file /cgi-bin/sessionlogin.cgi. The manipulation of the argument User leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclose...

CVE-2026-2686 SECCN Dingcheng G10 session_login.cgi qq os command injection

A security vulnerability has been detected in SECCN Dingcheng G10 3.1.0.181203. This impacts the function qq of the file /cgi-bin/sessionlogin.cgi. The manipulation of the argument User leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclose...

SECCN Dingcheng G10 操作系统命令注入漏洞

SECCN Dingcheng G10 is an industrial-grade edge computing gateway developed by SECCN Technology. Version 3.1.0.181203 of SECCN Dingcheng G10 contains a vulnerability related to operating system command injection. This vulnerability arises from incorrect handling of the parameter “User” in the fil...

PT-2026-20559

Name of the Vulnerable Software and Affected Versions SECCN Dingcheng G10 version 3.1.0.181203 Description A security issue has been identified in SECCN Dingcheng G10 version 3.1.0.181203. The qq function within the /cgi-bin/session login.cgi file is susceptible to operating system command...

AZL-73204 CVE-2025-68973 affecting package gnupg2 for versions less than 2.4.9-1

In GnuPG before 2.4.9, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. For ExtendedLTS, 2.2.51 and later are fixed versions...

CVE-2025-68973

In GnuPG before 2.4.9, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. For ExtendedLTS, 2.2.51 and later are fixed versions...

PT-2025-53659

Name of the Vulnerable Software and Affected Versions GnuPG versions prior to 2.4.9 GnuPG versions 2.2.51 and earlier Description The issue resides in the armor filter function within the g10/armor.c file. A flaw exists due to two increments of an index variable where only one is intended. This...

K21284031: GnuPG vulnerability CVE-2014-4617

Security Advisory Description The douncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service infinite loop via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence. CVE-2014-4617...

Denial Of Service (DoS)

GnuPG is vulnerable to denial of service. Due to an array overflow, it causes a crash or possibly unspecified other impact, when a victim imports an attacker's OpenPGP key, and this key has AEAD preferences. The overflow is caused by a g10/key-check.c error...

Command Execution Vulnerability in Cloud Root G10 4G

Yungen G10 4G is an in-car entertainment terminal that adapts to more than two hundred models from more than ten manufacturers, including Volkswagen, Great Wall and Changan. A command execution vulnerability exists in the Cloud Root G10 4G. An attacker can exploit the vulnerability to gain root...

CVE-2020-25125

GnuPG 2.2.21 and 2.2.22 and Gpg4win 3.1.12 has an array overflow, leading to a crash or possibly unspecified other impact, when a victim imports an attacker's OpenPGP key, and this key has AEAD preferences. The overflow is caused by a g10/key-check.c error. NOTE: GnuPG 2.3.x is unaffected. GnuPG...

Denial Of Service (DoS)

gnupg2 is vulnerable to denial of service DoS attacks. The vulnerability exists as the readblock function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service...

Fedora 27 : gnupg (2018-69780fc4d7)

New upstream v1.4.23 1589802,1589620,1589624 - Remove patches included in upstream release - Note that this includes the fix for CVE-2018-12020 ---- - doc Remove documentation for future option faked sys - build Don't use dev srandom on OpenBSD - Do not use C99 feature - g10 Fix regexp...

Design/Logic Flaw

The douncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service infinite loop via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence...