Vulnerabilities > Gnupg

DATE CVE VULNERABILITY TITLE RISK
2016-06-13 CVE-2016-4353 Improper Input Validation vulnerability in multiple products
ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data.
network
low complexity
gnupg canonical CWE-20
7.5
2016-04-19 CVE-2015-7511 Information Exposure vulnerability in multiple products
Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations.
high complexity
gnupg debian canonical CWE-200
2.0
2010-08-05 CVE-2010-2547 Use After Free vulnerability in multiple products
Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not properly handled in a realloc operation when importing the certificate or verifying its signature.
network
high complexity
gnupg fedoraproject debian CWE-416
8.1