CVE-2026-2747

SEPPmail Secure Email Gateway (before version 15.0.1) is affected: inline PGP messages are decrypted without isolating them from surrounding unencrypted content, potentially exposing sensitive data to an unauthorized actor. This vulnerability is documented as CVE-2026-2747, with impact described ...

thunderbird: Potential disclosure of plaintext in OpenPGP encrypted message

The Mozilla Foundation Security Advisory describes this flaw as: Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext...

Thunderbird: Hang when processing certain OpenPGP messages

The Mozilla Foundation Security Advisory describes this flaw as: Certain malformed OpenPGP messages could trigger incorrect parsing of PKESK/SKESK packets due to a bug in the Ribose RNP library used by Thunderbird up to version 102.9.1, which would cause the Thunderbird user interface to hang. Th...

Thunderbird: Hang when processing certain OpenPGP messages

The Mozilla Foundation Security Advisory describes this flaw as: Certain malformed OpenPGP messages could trigger incorrect parsing of PKESK/SKESK packets due to a bug in the Ribose RNP library used by Thunderbird up to version 102.9.1, which would cause the Thunderbird user interface to hang. Th...

SUSE CVE-2007-1264

Enigmail 0.94.2 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Enigmail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message...

SUSE CVE-2007-1269

GNUMail 1.1.2 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents GNUMail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message...

Updated thunderbird packages fix security vulnerabilities

Updated thunderbird packages fixes bugs and security vulnerabilities: Cross-origin theft of images with ImageBitmapRenderingContext. CVE-2018-18511 Out-of-bounds read in Skia. CVE-2019-5798 Use-after-free in pngimagefree of libpng library. CVE-2019-7317 Cross-origin theft of images with...

USN-2258-1 gnupg, gnupg2 vulnerability

Jean-René Reinhard, Olivier Levillain and Florian Maury discovered that GnuPG incorrectly handled certain OpenPGP messages. If a user or automated system were tricked into processing a specially-crafted message, GnuPG could consume resources, resulting in a denial of service...

The Bat! memory corruption

Memory corruption on parsing multipart PGP messages...

The Bat! 2.01 memory corruption

Dear bugtraq, AGK agk at sandy.ru discovered The Bat! 2.01 to throw exception on few messages. It looks like The Bat! 2.01 in standard configuration with build-in PGP support has a bug with processing PGP signed messages protocol="application/pgp-signature" with multiple recursively included part...