The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of gpg

GnuPG Dirmngr: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of GnuPG Dirmngr, in order to force the victim to perform operations...
CVE-2018-1000858, openSUSE-SU-2019:0020-1, SUSE-SU-2019:0023-1, USN-3853-1, VIGILANCE-VUL-28032
GnuPG: privilege escalation via Key Certification
An attacker can bypass restrictions via Key Certification of GnuPG, in order to escalate his privileges...
bulletinapr2019, CVE-2018-9234, FEDORA-2018-3fc05e009d, USN-3675-1, USN-3675-2, USN-3675-3, VIGILANCE-VUL-25772
Libgcrypt: information disclosure via Curve25519 ECDH Side-channel
An attacker can bypass access restrictions to data via Curve25519 ECDH Side-channel of Libgcrypt, in order to obtain sensitive information...
cpujan2019, cpujul2018, CVE-2017-0379, DSA-3959-1, FEDORA-2017-8cd171f540, FEDORA-2017-bcdeca9d41, SSA:2017-261-02, USN-3417-1, VIGILANCE-VUL-23639
Libgcrypt: information disclosure via Flush Reload Side-channel Attack
An attacker can bypass access restrictions to data via Flush Reload Side-channel Attack of Libgcrypt, in order to obtain sensitive information...
bulletinoct2017, CVE-2017-7526, DLA-1015-1, DLA-1080-1, DSA-2020-030, DSA-3901-1, DSA-3960-1, FEDORA-2017-3b70d0b976, FEDORA-2017-a348b32eb5, openSUSE-SU-2017:1822-1, SSA:2017-180-04, SSA:2017-213-01, USN-3347-1, USN-3347-2, USN-3733-1, USN-3733-2, VIGILANCE-VUL-23104
GnuPG: predicting 160 bits
An attacker can use a vulnerability in the pseudo-random generator of GnuPG, in order to predict bits...
2000347, bulletinoct2017, CVE-2016-6313, CVE-2016-6316-ERROR, DLA-600-1, DLA-602-1, DSA-2020-030, DSA-3649-1, DSA-3650-1, FEDORA-2016-2b4ecfa79f, FEDORA-2016-3a0195918f, FEDORA-2016-81aab0aff9, FEDORA-2016-9864953aa3, openSUSE-SU-2016:2208-1, openSUSE-SU-2016:2423-1, RHSA-2016:2674-01, SSA:2016-236-01, SSA:2016-236-02, USN-3064-1, USN-3065-1, VIGILANCE-VUL-20413
GnuPG: code execution during installation
An attacker can invite the victim to download malicious libraries on Windows, in order to run code during the installation of GnuPG...
Libgcrypt: information disclosure via ECDH
An attacker, who is located near the computer, can capture electromagnetic data during an ECDH encryption on Libgcrypt, in order to obtain information about the private key...
bulletinoct2017, CVE-2015-7511, DSA-3474-1, DSA-3478-1, FEDORA-2016-ec4c27d766, openSUSE-SU-2016:0575-1, openSUSE-SU-2016:1227-1, SSA:2016-054-03, USN-2896-1, VIGILANCE-VUL-18938
GnuPG: information disclosure via OpenPGP Format
An attacker, who can read an error message which occurs during the automatic decryption by GnuPG, can send numerous encrypted messages in order to progressively guess the content of the clear message...
GnuPG: two vulnerabilities
An attacker can use several vulnerabilities of GnuPG...
GnuPG: three vulnerabilities of libksba
An attacker can use several vulnerabilities of GnuPG...
MDVSA-2015:214, VIGILANCE-VUL-16582
Our database contains other pages. You can request a free trial to read them.

Display information about gpg: