Vulnerabilities (CVE)

Filtered by vendor Gnu Subscribe
Filtered by product Gpgme
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-3564 3 Canonical, Debian, Gnu 3 Ubuntu Linux, Debian Linux, Gpgme 2024-11-21 6.8 MEDIUM N/A
Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "different line lengths in a specific order."
CVE-2007-1263 2 Gnu, Gnupg 2 Gpgme, Gnupg 2024-11-21 5.0 MEDIUM N/A
GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection.