Lucene search
K

85 matches found

OSV
OSV
added 2015/12/22 7:44 a.m.7 views

SUSE-SU-2015:2171-1 Security update for gpg2

The gpg2 package was updated to fix the following security and non security issues: - CVE-2015-1606: Fixed invalid memory read using a garbled keyring bsc918089. - CVE-2015-1607: Fixed memcpy with overlapping ranges bsc918090. - bsc955753: Fixed a regression of 'gpg --recv' due to keyserver impor...

5.5CVSS5.6AI score0.02473EPSS
Exploits0References7
OSV
OSV
added 2015/12/22 7:44 a.m.7 views

SUSE-SU-2015:2171-2 Security update for gpg2

The gpg2 package was updated to fix the following security and non security issues: - CVE-2015-1606: Fixed invalid memory read using a garbled keyring bsc918089. - CVE-2015-1607: Fixed memcpy with overlapping ranges bsc918090. - bsc955753: Fixed a regression of 'gpg --recv' due to keyserver impor...

5.5CVSS5.6AI score0.02473EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2015/07/31 12:0 a.m.20 views

Ubuntu 14.04 LTS : HPLIP vulnerability (USN-2699-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2699-1 advisory. Enrico Zini discovered that HPLIP used a short GPG key ID when downloading keys from the keyserver. An attacker could possibly use this to return a different key...

8.1CVSS7.6AI score0.06296EPSS
Exploits0References2
OSV
OSV
added 2015/07/30 4:56 p.m.3 views

USN-2699-1 hplip vulnerability

Enrico Zini discovered that HPLIP used a short GPG key ID when downloading keys from the keyserver. An attacker could possibly use this to return a different key with a duplicate short key id and perform a machine-in-the-middle attack on printer plugin installations...

8.1CVSS7.3AI score0.06296EPSS
Exploits0References2
Debian
Debian
added 2015/06/07 7:0 p.m.11 views

[SECURITY] [DSA 3281-1] Debian Security Team PGP/GPG key change notice

------------------------------------------------------------------------- Debian Security Advisory DSA-3281-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst June 7, 2015 http://www.debian.org/security/faq -...

7.1AI score
Exploits0
UbuntuCve
UbuntuCve
added 2015/06/01 12:0 a.m.16 views

CVE-2015-0839

The hp-plugin utility in HP Linux Imaging and Printing HPLIP makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to verify print plugin downloads...

8.1CVSS7.4AI score0.06296EPSS
Exploits0References3
OSV
OSV
added 2015/04/01 1:23 p.m.3 views

USN-2554-1 gnupg, gnupg2 vulnerabilities

Daniel Genkin, Lev Pachmanov, Itamar Pipman, and Eran Tromer discovered that GnuPG was susceptible to an attack via physical side channels. A local attacker could use this attack to possibly recover private keys. CVE-2014-3591 Daniel Genkin, Adi Shamir, and Eran Tromer discovered that GnuPG was...

5.9CVSS6.6AI score0.02473EPSS
Exploits0References6
Kitploit
Kitploit
added 2014/10/26 11:33 p.m.21 views

TorBirdy - Torbutton for Thunderbird

TorBirdy is Torbutton for Thunderbird, Icedove and related Mozilla mail clients. It may also work with other non-web browser Mozilla programs such as Sunbird. This extension configures Thunderbird to make connections over the Tor anonymity network. Notable changes in this release include: 0.1.3, ...

7.3AI score
Exploits0
Debian
Debian
added 2014/09/14 7:23 a.m.32 views

[SECURITY] [DLA 53-1] gnupg security update

Package : gnupg Version : 1.4.10-4+squeeze6 CVE ID : CVE-2014-5270 Genkin, Pipman and Tromer discovered a side-channel attack on Elgamal encryption subkeys CVE-2014-5270. In addition, this update hardens GnuPGs behaviour when treating keyserver responses; GnuPG now filters keyserver responses to...

2.1CVSS6.7AI score0.00531EPSS
Exploits0
OSV
OSV
added 2014/09/14 12:0 a.m.20 views

DLA-54-1 gnupg - security-update

Bulletin has no description...

2.1CVSS5.8AI score0.00531EPSS
Exploits0
Debian
Debian
added 2014/09/11 8:35 p.m.21 views

[SECURITY] [DSA 3024-1] gnupg security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3024-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst September 11, 2014 http://www.debian.org/security/faq -...

2.1CVSS5.6AI score0.00531EPSS
Exploits0
OSV
OSV
added 2014/09/11 12:0 a.m.24 views

DSA-3024-1 gnupg - security update

Bulletin has no description...

2.1CVSS5.8AI score0.00531EPSS
Exploits0
Fedora
Fedora
added 2014/08/27 1:32 a.m.21 views

[SECURITY] Fedora 20 Update: sks-1.1.5-2.fc20

SKS is a OpenPGP keyserver whose goal is to provide easy to deploy, decentralized, and highly reliable synchronization...

4.3CVSS1.7AI score0.01925EPSS
Exploits1
Fedora
Fedora
added 2014/08/27 1:31 a.m.25 views

[SECURITY] Fedora 19 Update: sks-1.1.5-2.fc19

SKS is a OpenPGP keyserver whose goal is to provide easy to deploy, decentralized, and highly reliable synchronization...

4.3CVSS1.7AI score0.01925EPSS
Exploits1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.32 views

Network Associates PGP KeyServer 7 LDAP Buffer Overflow

No description provided by source. $Id: pgpkeyserver7.rb 11039 2010-11-14 19:03:24Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/06/27 12:0 a.m.11 views

Fedora 20 : gnupg-1.4.17-1.fc20 (2014-7676)

New upstream v1.4.17 - Avoid DoS due to garbled compressed data packets. - Screen keyserver reponses to avoid import of unwanted keys by rogue servers. - Add hash algorithms to the 'sig' records of the colon output. - More specific reason codes for INVRECP status. - Drop gpg.ru.1 Note that Tenabl...

5.5AI score
Exploits0References1
NVD
NVD
added 2014/05/08 2:29 p.m.13 views

CVE-2014-3207

Cross-site scripting XSS vulnerability in wserver.ml in SKS Keyserver before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to pks/lookup/undefined1...

4.3CVSS5.6AI score0.01925EPSS
Exploits1References5
OSV
OSV
added 2014/05/08 2:29 p.m.2 views

DEBIAN-CVE-2014-3207

Cross-site scripting XSS vulnerability in wserver.ml in SKS Keyserver before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to pks/lookup/undefined1...

4.3CVSS6AI score0.01925EPSS
Exploits1References1
OSV
OSV
added 2014/05/08 2:29 p.m.5 views

CVE-2014-3207

Cross-site scripting XSS vulnerability in wserver.ml in SKS Keyserver before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to pks/lookup/undefined1...

5.5AI score
Exploits0References6
UbuntuCve
UbuntuCve
added 2014/05/08 2:29 p.m.16 views

CVE-2014-3207

Cross-site scripting XSS vulnerability in wserver.ml in SKS Keyserver before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to pks/lookup/undefined1...

4.3CVSS6AI score0.01925EPSS
Exploits1References3
Rows per page
Query Builder