1340 matches found
CVE-2026-27445 PGP Signature Reflection
SEPPmail Secure Email Gateway before version 15.0.1 does not properly verify that a PGP signature was generated by the expected key, allowing signature spoofing...
CVE-2026-27445
SEPPmail Secure Email Gateway before version 15.0.1 does not properly verify that a PGP signature was generated by the expected key, allowing signature spoofing...
CVE-2026-2747 PGP Mixed Plaintext and Encrypted Content
SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without isolating them from surrounding unencrypted content, allowing exposure of sensitive information to an unauthorized actor...
CVE-2026-2747 PGP Mixed Plaintext and Encrypted Content
SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without isolating them from surrounding unencrypted content, allowing exposure of sensitive information to an unauthorized actor...
CVE-2026-2747
SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without isolating them from surrounding unencrypted content, allowing exposure of sensitive information to an unauthorized actor...
CVE-2026-2747
Summary: CVE-2026-2747 affects SEPPmail Secure Email Gateway. The vulnerability arises because versions prior to 15.0.1 decrypt inline PGP messages without isolating them from surrounding unencrypted content, potentially exposing sensitive information to an unauthorized actor. This is described a...
CVE-2026-2746
SEPPmail Secure Email Gateway before version 15.0.1 does not properly communicate PGP signature verification results, leaving users unable to detect forged emails...
CVE-2026-2746 Missing PGP Signature Tag
SEPPmail Secure Email Gateway before version 15.0.1 does not properly communicate PGP signature verification results, leaving users unable to detect forged emails...
PT-2026-22894
SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without isolating them from surrounding unencrypted content, allowing exposure of sensitive information to an unauthorized actor...
SUSE-SU-2026:0768-1 Security update for postgresql14
This update for postgresql14 fixes the following issues: Update to version 14.22 bsc1258754. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to...
SUSE-SU-2026:0615-1 Security update for postgresql15
This update for postgresql15 fixes the following issues: Update to version 15.16. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to selectivit...
GNU Privacy Guard 2.5.18
GnuPG the GNU Privacy Guard or GPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As suc...
[SECURITY] Fedora 42 Update: gnupg2-2.4.9-2.fc42
GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as described...
RHEL 10 : gnupg2 (RHSA-2026:2719)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2719 advisory. The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the pgppubdecryptbytea, which missing a safeguard for the session key length read from the message data, that can be given in input of pgppubdecryptbytea. An attacker can execute arbitrary code as the...
[SECURITY] Fedora 42 Update: rust-sequoia-sqv-1.3.0-5.fc42
A simple OpenPGP signature verification program...
CVE-2026-0818
When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled with HTML and CSS, then the decrypted contents were rendered in a context in which the CSS styles from the outer messages were active. If...
EUVD-2026-4769
In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys...
MiracleLinux 8 : thunderbird-78.11.0-1.el8.ML.1 (AXSA:2021-2302:13)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2302:13 advisory. Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 CVE-2021-29967 Mozilla: Thunderbird stored OpenPGP secret keys without master...
MiracleLinux 8 : thunderbird-78.9.1-1.0.1.el8 (AXSA:2021-1686:06)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1686:06 advisory. Mozilla: An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key CVE-2021-23991 Mozilla: A crafted OpenPGP key wit...