High

DATE	CVE	VULNERABILITY TITLE	RISK
2016-06-13	CVE-2016-4579	Improper Input Validation vulnerability in multiple products Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via unspecified vectors, related to the "returned length of the object from _ksba_ber_parse_tl." network low complexity gnupg opensuse canonical CWE-20	7.5
2016-06-13	CVE-2016-4574	Numeric Errors vulnerability in multiple products Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. network low complexity gnupg canonical opensuse CWE-189	7.5
2016-06-13	CVE-2016-4356	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.3 allows remote attackers to cause a denial of service (out-of-bounds read) by clearing the high bit of the byte after invalid utf-8 encoded data. network low complexity gnupg canonical CWE-119	7.5
2016-06-13	CVE-2016-4355	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple integer overflows in ber-decoder.c in Libksba before 1.3.3 allow remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow. network low complexity gnupg canonical CWE-119	7.5
2016-06-13	CVE-2016-4354	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow. network low complexity canonical gnupg CWE-119	7.5
2016-06-13	CVE-2016-4353	Improper Input Validation vulnerability in multiple products ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data. network low complexity gnupg canonical CWE-20	7.5
2010-08-05	CVE-2010-2547	Use After Free vulnerability in multiple products Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not properly handled in a realloc operation when importing the certificate or verifying its signature. network high complexity gnupg fedoraproject debian CWE-416	8.1