The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of GnuPG

SHA1: information disclosure via Chosen-Prefix Collision
An attacker can trigger a Chosen-Prefix Collision on SHA1, in order to alter a signature, to obtain sensitive information...
Shambles, USN-4233-1, USN-4233-2, VIGILANCE-VUL-31290
GnuPG: information disclosure via Chosen-Prefix SHA-1 Collisions
An attacker can bypass access restrictions to data via Chosen-Prefix SHA-1 Collisions (VIGILANCE-VUL-31290) of GnuPG, in order to obtain sensitive information...
CVE-2019-14855, VIGILANCE-VUL-30973
Libgcrypt: information disclosure via ECDSA Timing Attack
An attacker can bypass access restrictions to data via ECDSA Timing Attack of Libgcrypt, in order to obtain sensitive information. This vulnerability originates from VIGILANCE-VUL-30530...
CVE-2019-13627, DLA-1931-1, DLA-1931-2, openSUSE-SU-2019:2161-1, openSUSE-SU-2020:0022-1, SUSE-SU-2019:2349-1, SUSE-SU-2019:2510-1, SUSE-SU-2019:3392-1, USN-4236-1, USN-4236-2, USN-4236-3, VIGILANCE-VUL-30205
GnuPG: denial of service via Keyserver Network
An attacker can trigger a fatal error via Keyserver Network of GnuPG, in order to trigger a denial of service...
CVE-2019-13050, openSUSE-SU-2019:1917-1, SUSE-SU-2019:2480-1, VIGILANCE-VUL-30074
GnuPG: creation of fake status messages
An attacker can create fake status messages in GnuPG, in order to deceive the victime...
bulletinjul2018, CVE-2018-12020, DSA-2020-030, DSA-4222-1, DSA-4223-1, FEDORA-2018-4ef71d3525, FEDORA-2018-69780fc4d7, FEDORA-2018-a4e13742b4, JSA10917, openSUSE-SU-2018:1706-1, openSUSE-SU-2018:1708-1, openSUSE-SU-2018:1722-1, openSUSE-SU-2018:1724-1, RHSA-2018:2180-01, RHSA-2018:2181-01, SSA:2018-159-01, SSA:2018-170-01, SUSE-SU-2018:1696-1, SUSE-SU-2018:1698-1, SUSE-SU-2018:2243-1, T4012, USN-3675-1, USN-3675-2, USN-3675-3, USN-3964-1, VIGILANCE-VUL-26364
GnuPG Dirmngr: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of GnuPG Dirmngr, in order to force the victim to perform operations...
CVE-2018-1000858, openSUSE-SU-2019:0020-1, SUSE-SU-2019:0023-1, USN-3853-1, VIGILANCE-VUL-28032
GnuPG: privilege escalation via Key Certification
An attacker can bypass restrictions via Key Certification of GnuPG, in order to escalate his privileges...
bulletinapr2019, CVE-2018-9234, FEDORA-2018-3fc05e009d, USN-3675-1, USN-3675-2, USN-3675-3, VIGILANCE-VUL-25772
Libgcrypt: information disclosure via Curve25519 ECDH Side-channel
An attacker can bypass access restrictions to data via Curve25519 ECDH Side-channel of Libgcrypt, in order to obtain sensitive information...
cpujan2019, cpujul2018, CVE-2017-0379, DSA-3959-1, FEDORA-2017-8cd171f540, FEDORA-2017-bcdeca9d41, SSA:2017-261-02, USN-3417-1, VIGILANCE-VUL-23639
Libgcrypt: information disclosure via Flush Reload Side-channel Attack
An attacker can bypass access restrictions to data via Flush Reload Side-channel Attack of Libgcrypt, in order to obtain sensitive information...
bulletinoct2017, CVE-2017-7526, DLA-1015-1, DLA-1080-1, DSA-2020-030, DSA-3901-1, DSA-3960-1, FEDORA-2017-3b70d0b976, FEDORA-2017-a348b32eb5, openSUSE-SU-2017:1822-1, SSA:2017-180-04, SSA:2017-213-01, USN-3347-1, USN-3347-2, USN-3733-1, USN-3733-2, VIGILANCE-VUL-23104
GnuPG: predicting 160 bits
An attacker can use a vulnerability in the pseudo-random generator of GnuPG, in order to predict bits...
2000347, bulletinoct2017, CVE-2016-6313, CVE-2016-6316-ERROR, DLA-600-1, DLA-602-1, DSA-2020-030, DSA-3649-1, DSA-3650-1, FEDORA-2016-2b4ecfa79f, FEDORA-2016-3a0195918f, FEDORA-2016-81aab0aff9, FEDORA-2016-9864953aa3, openSUSE-SU-2016:2208-1, openSUSE-SU-2016:2423-1, RHSA-2016:2674-01, SSA:2016-236-01, SSA:2016-236-02, USN-3064-1, USN-3065-1, VIGILANCE-VUL-20413
Our database contains other pages. You can request a free trial to read them.

Display information about GnuPG: