CVE-2014-3564

CVE-2014-3564 affects the GPGME library (status_handler) in engine-gpgsm.c and engine-uiserver.c, with multiple heap-based buffer overflows that allow remote denial of service and possibly arbitrary code execution via vectors related to different line lengths in a specific order. Affected: GPGME ...

CVE-2007-1263

CVE-2007-1263 affects GnuPG 1.4.6 and earlier and GPGME before 1.1.4. The issue is that, when parsing OpenPGP messages with multiple components, signed and unsigned portions are not visually distinguished, allowing an attacker to forge the contents of a message without detection. The vulnerabilit...