Lucene search
K

1377 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.9 views

CentOS 9 : rust-rpm-sequoia-1.10.2.1-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the rust- rpm-sequoia-1.10.2.1-1.el9 build changelog. - Update sequoia-openpgp to version 2.3.0. This includes three security relevant fixes assigned CVE-2026-42783, CVE-2026-42784, and...

5.8AI score
Exploits0References2
Fedora
Fedora
added 2026/05/15 2:34 a.m.11 views

[SECURITY] Fedora 44 Update: rust-sequoia-sqv-1.3.0-6.fc44

A simple OpenPGP signature verification program...

5.8AI score
Exploits0
Debian CVE
Debian CVE
added 2026/05/15 2:34 a.m.14 views

CVE-2026-42783

openpgp: Reject nested embedded signatures...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/13 12:0 a.m.15 views

GNU Privacy Guard 2.5.20

GnuPG the GNU Privacy Guard or GPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As suc...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.10 views

Fedora 45 : rust-podman-sequoia / rust-rpm-sequoia / etc (2026-5272623baf)

The remote Fedora 45 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-5272623baf advisory. Update sequoia-openpgp to version 2.3.0. This includes three security relevant fixes assigned CVE-2026-42783, CVE-2026-42784, and CVE-not-...

5.8AI score
Exploits0References3
Fedora
Fedora
added 2026/05/08 7:29 p.m.29 views

[SECURITY] Fedora 44 Update: gnutls-3.8.13-1.fc44

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, OpenPGP and...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/30 12:0 a.m.17 views

GNU Transport Layer Security Library 3.8.13

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS 12, OpenPGP, and other...

7.5CVSS5.1AI score0.01335EPSS
Exploits2
OSV
OSV
added 2026/04/17 6:31 p.m.3 views

GHSA-CJ8J-37RH-8475 Bouncy Castle Uncontrolled Resource Consumption vulnerability

Allocation of resources without limits or throttling vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all pg modules. This issue affects BC-JAVA before 1.84. Unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion...

8.7CVSS5.7AI score0.00758EPSS
Exploits0References4
OSV
OSV
added 2026/04/17 1:7 p.m.7 views

JLSEC-2026-123

Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpipowm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP...

7.5CVSS5.7AI score0.02342EPSS
Exploits0References24
Snyk
Snyk
added 2026/04/15 10:13 a.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the AEADEncDataPacket parser in AEADEncDataPacket.java. An attacker can crash packet parsing by supplying an AEAD-encrypted OpenPGP packet with an out-of-range chunk size valu...

8.7CVSS5.7AI score0.00758EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/15 10:13 a.m.5 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the AEADEncDataPacket parser in AEADEncDataPacket.java. An attacker can crash packet parsing by supplying an AEAD-encrypted OpenPGP packet with an out-of-range chunk size valu...

8.7CVSS5.7AI score0.00758EPSS
Exploits0References2
OSV
OSV
added 2026/04/14 12:27 p.m.9 views

CLSA-2026-1776169648 python3.9: Fix of CVE-2026-4519

CVE-2026-4519: reject leading dashes in webbrowser URLs - Update pubkeys.txt with refreshed Łukasz Langa GPG key expired 2025-05-12...

7.1CVSS7.1AI score0.00308EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/03 6:38 p.m.3 views

CVE-2026-2625 Rust-rpm-sequoia: rust-rpm-sequoia: denial of service via crafted rpm file during signature verification

A flaw was found in rust-rpm-sequoia. An attacker can exploit this vulnerability by providing a specially crafted Red Hat Package Manager RPM file. During the RPM signature verification process, this crafted file can trigger an error in the OpenPGP signature parsing code, leading to an...

4CVSS5.9AI score0.00085EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/03 6:38 p.m.25 views

CVE-2026-2625 Rust-rpm-sequoia: rust-rpm-sequoia: denial of service via crafted rpm file during signature verification

A flaw was found in rust-rpm-sequoia. An attacker can exploit this vulnerability by providing a specially crafted Red Hat Package Manager RPM file. During the RPM signature verification process, this crafted file can trigger an error in the OpenPGP signature parsing code, leading to an...

4CVSS0.00085EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.6 views

Red Hat Enterprise Linux 10 数据伪造问题漏洞

Red Hat Enterprise Linux 10 is a Linux operating system designed for enterprise users by the American company Red Hat. Red Hat Enterprise Linux 10 has a vulnerability related to data falsification. This vulnerability stems from errors in the OpenPGP signature parsing code, which may lead to...

5.5CVSS5.8AI score0.00085EPSS
Exploits0References2
OSV
OSV
added 2026/02/28 12:46 p.m.11 views

OESA-2026-1468 thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled with HTML and CSS, then the decrypted contents were render...

8.8CVSS6.1AI score0.006EPSS
Exploits0References3
Fedora
Fedora
added 2026/02/16 1:31 a.m.7 views

[SECURITY] Fedora 42 Update: gnutls-3.8.11-3.fc42

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, OpenPGP and...

7.5CVSS5.4AI score0.01382EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2026/02/10 12:0 a.m.4 views

GNU Transport Layer Security Library 3.8.12

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS 12, OpenPGP, and other...

5.3CVSS5.4AI score0.01382EPSS
Exploits1
Fedora
Fedora
added 2026/02/05 1:0 a.m.7 views

[SECURITY] Fedora 43 Update: gnupg2-2.4.9-5.fc43

GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as described...

8.4CVSS5.4AI score0.00421EPSS
Exploits1
Fedora
Fedora
added 2026/02/04 2:11 a.m.9 views

[SECURITY] Fedora 43 Update: rust-sequoia-sqv-1.3.0-5.fc43

A simple OpenPGP signature verification program...

5.3CVSS5.2AI score0.00297EPSS
Exploits0
Rows per page
Query Builder