Lucene search
K

1891 matches found

OSV
OSV
added 2026/07/06 6:28 a.m.4 views

OESA-2026-2858 gnupg2 security update

GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 also known as PGP. GnuPG enables encryption and signing of data and communication, and features a versatile key management system as well as access modules for public key directories. Security Fixes: CMS...

2.9CVSS5.9AI score0.0011EPSS
Exploits0References2
Photon
Photon
added 2026/06/30 12:0 a.m.6 views

Critical Photon OS Security Update - PHSA-2026-5.0-0910

Updates of 'gnupg', 'python3' packages of Photon OS have been released...

8.2CVSS6.1AI score0.00613EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-57062

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CMS Cryptographic Message Syntax parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to be 12 bytes bu...

9.1CVSS7AI score0.00237EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 5:2 p.m.6 views

CVE-2026-57062

A flaw in GnuPG's gpgsm component improperly handles the Cryptographic Message Syntax CMS format for AES-GCM. By accepting an authentication tag length of 4 bytes instead of the required 12 bytes, this vulnerability allows for a low-impact data integrity issue where the cryptographic validity of...

2.9CVSS5.7AI score0.0011EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:26 p.m.4 views

CVE-2026-57062

CMS Cryptographic Message Syntax parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to be 12 bytes but 4 bytes is accepted. NOTE: this is related to CVE-2026-34182...

2.9CVSS5.8AI score0.0011EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/23 5:26 p.m.8 views

CVE-2026-57062

CMS Cryptographic Message Syntax parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to be 12 bytes but 4 bytes is accepted. NOTE: this is related to CVE-2026-34182...

2.9CVSS5.8AI score0.0011EPSS
Exploits0
Mageia
Mageia
added 2026/06/11 4:55 p.m.12 views

Updated gnupg2 packages fix security vulnerabilities

CVE-2025-68973, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. CVE-2026-24882, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC key...

8.4CVSS7.3AI score0.00447EPSS
Exploits2References5
OSV
OSV
added 2026/05/27 6:18 p.m.10 views

JLSEC-2026-564 In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message carrying an oversized...

In GnuPG before 2.5.17, a crafted CMS S/MIME EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agent during PKDECRYPT--kem=CMS handling. This can easily be leveraged for denial of service; however, there is also memory corruption that...

8.1CVSS6.6AI score0.01745EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/26 6:40 a.m.13 views

Security Bulletin: Vulnerabilities exists in IBM Cloud Pak for Data System (CPDS 1.0) - Cyclops.

Summary Vulnerabilities exists in IBM Cloud Pak for Data System CPDS 1.0 - Cyclops addressed in 11.3.1.1. Vulnerability Details CVEID:CVE-2022-3219 DESCRIPTION: GnuPG can be made to spin on a relatively small input by for example crafting a public key with thousands of signatures attached,...

7.5CVSS5.4AI score0.00962EPSS
Exploits3Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in gnupg2

GnuPG versions up to 2.3.6 allow for signature forgery in unusual situations where an attacker possesses secret-key information from a victim’s keyring, and other constraints such as the use of GPGME are met. This can be achieved by injecting malicious data into the command line’s status line...

6.5CVSS6.8AI score0.02551EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/12 12:0 a.m.14 views

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-11.0.1.1)

The version of AHV installed on the remote host is prior to AHV-11.0.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-11.0.1.1 advisory. - LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics...

9.8CVSS6.8AI score0.96267EPSS
Exploits241References12
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/22 2:23 p.m.15 views

Security Bulletin: Muliple security vulnerabilities found in IBM CICS TX Standard.

Summary Multiple security vulnerabilities found in IBM CICS TX Standard. An update to IBM CICS TX Standard has been released to address multiple vulnerabilities in brotli, gnutls, libssh, openssl, curl, binutils, gnupg2, glib2 packages. Vulnerability Details CVEID:CVE-2025-9230 DESCRIPTION: Issue...

8.8CVSS5.6AI score0.01744EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2026/03/30 12:0 a.m.8 views

Fedora: Security Advisory (FEDORA-2026-8f1d7b6821)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS5.9AI score0.00379EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2026/03/30 12:0 a.m.7 views

Fedora: Security Advisory (FEDORA-2026-936a74ccc0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS5.9AI score0.00379EPSS
Exploits1References4
Fedora
Fedora
added 2026/03/29 1:8 a.m.7 views

[SECURITY] Fedora 42 Update: rust-sequoia-chameleon-gnupg-0.13.1-11.fc42

Sequoia's reimplementation of the GnuPG interface...

6.5CVSS5.8AI score0.00379EPSS
Exploits1
Fedora
Fedora
added 2026/03/29 12:18 a.m.4 views

[SECURITY] Fedora 44 Update: rust-sequoia-chameleon-gnupg-0.13.1-11.fc44

Sequoia's reimplementation of the GnuPG interface...

6.5CVSS5.8AI score0.00379EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/03/29 12:0 a.m.6 views

Fedora 42 : rust-pty-process / rust-sequoia-chameleon-gnupg (2026-8f1d7b6821)

The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-8f1d7b6821 advisory. Rebuild rust-sequoia-chameleon-gnupg with rust-tar 0.4.45 for CVE-2026-33056. Update rust-pty-process to 0.5.3, and adjust the dev-dependency in...

6.5CVSS6AI score0.00379EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/29 12:0 a.m.4 views

Fedora 44 : rust-pty-process / rust-sequoia-chameleon-gnupg (2026-29e1155702)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-29e1155702 advisory. Rebuild rust-sequoia-chameleon-gnupg with rust-tar 0.4.45 for CVE-2026-33056. Update rust-pty-process to 0.5.3, and adjust the dev-dependency in...

6.5CVSS6AI score0.00379EPSS
Exploits1References2
Veeam
Veeam
added 2026/03/16 12:0 a.m.82 views

How to Manually Update GPG key on Veeam Hardened Repository Appliance

Article Applicability This article is specifically regarding the Veeam Hardened Repository ISO v2 appliance, which was distributed alongside Veeam Backup & Replication 12. For information about manually updating the GPG key on the appliances associated with Veeam Backup & Replication 13, review...

5.8AI score
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.7 views

Huawei EulerOS: Security Advisory for gnupg2 (EulerOS-SA-2026-1554)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS5.8AI score0.00129EPSS
Exploits1References2
Rows per page
Query Builder