CVE-2019-9155
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-9155
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A cryptographic issue in OpenPGP.js <=4.2.0 allows an attacker who is able provide forged messages and gain feedback about whether decryption of these messages succeeded to conduct an invalid curve attack in order to gain the victim's ECDH private key.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Openpgp.js 加密问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Openpgp.js是一个使用JavaScript实现的开源OpenPGP加密算法库。 OpenPGP.js及之前版本中存在加密问题漏洞。该漏洞源于网络系统或产品未正确使用相关密码算法,导致内容未正确加密、弱加密、明文存储敏感信息等。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2019-9155
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2019-9155
Please Login to view more intelligence information
- https://github.com/openpgpjs/openpgpjs/releases/tag/v4.3.0x_refsource_CONFIRM
- https://github.com/openpgpjs/openpgpjs/pull/853x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2019-9155
Same Patch Batch · n/a · 2019-08-22 · 106 CVEs total
| CVE-2014-10383 | WordPress memphis-documents-library插件输入验证错误漏洞 | |
| CVE-2019-15318 | WordPress yikes-inc-easy-mailchimp-extender插件代码注入漏洞 | |
| CVE-2013-7481 | WordPress contact-form-plugin插件跨站脚本漏洞 | |
| CVE-2018-20982 | WordPress media-library-assistant插件跨站脚本漏洞 | |
| CVE-2017-18575 | WordPress newstatpress插件跨站脚本漏洞 | |
| CVE-2016-10922 | WordPress woocommerce-store-toolkit插件权限许可和访问控制问题漏洞 | |
| CVE-2016-10923 | WordPress woocommerce-store-toolkit插件权限许可和访问控制问题漏洞 | |
| CVE-2017-18576 | WordPress event-notifier插件跨站脚本漏洞 | |
| CVE-2016-10924 | WordPress ebook-download插件路径遍历漏洞 | |
| CVE-2017-18577 | WordPress mailchimp-for-wp插件跨站脚本漏洞 | |
| CVE-2016-10925 | WordPress peters-login-redirect插件跨站脚本漏洞 | |
| CVE-2013-7482 | WordPress reflex-gallery插件跨站脚本漏洞 | |
| CVE-2008-7321 | WordPress tubepress插件跨站脚本漏洞 | |
| CVE-2018-20983 | WordPress wp-retina-2x插件跨站脚本漏洞 | |
| CVE-2017-18580 | WordPress shortcodes-ultimate插件输入验证错误漏洞 | |
| CVE-2019-15321 | WordPress option-tree插件代码问题漏洞 | |
| CVE-2018-20984 | WordPress patreon-connect插件注入漏洞 | |
| CVE-2019-15322 | WordPress shortcode-factory插件输入验证错误漏洞 | |
| CVE-2019-15320 | WordPress option-tree插件注入漏洞 | |
| CVE-2018-20985 | WordPress wp-payeezy-pay插件输入验证错误漏洞 |
Showing top 20 of 106 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-6667
PgBouncer missing authorization check in KILL_CLIENT admin c - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error - CVE-2026-6665
PgBouncer buffer overflow in SCRAM - CVE-2026-6664
PgBouncer integer overflow in PgBouncer network packet parsi - CVE-2026-8127
eladmin Users API Endpoint UserController.java checkLevel ac
V. Comments for CVE-2019-9155
No comments yet