Lucene search
K

1007 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2 days ago4 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Bouncy Castle (CVE-2026-0636,CVE-2026-5598,CVE-2026-5588&CVE-2026-3505)

Summary IBM App Connect Enterprise Toolkit and Runtime are vulnerable to multiple vulnerabilities due to Bouncy Castle. Vulnerability Details CVEID:CVE-2026-0636 DESCRIPTION: Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in Legion of the Bouncy...

9.9CVSS5.8AI score0.00758EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 6 days ago4 views

Security Bulletin: Multiple vulnerabilities in IBM DevOps Solution Workbench

Summary Multiple vulnerabilities were addressed in IBM DevOps Solution Workbench version 5.2.0 Vulnerability Details CVEID:CVE-2026-40895 DESCRIPTION: follow-redirects is an open source, drop-in replacement for Node's http and https modules that automatically follows redirects. Prior to 1.16.0,...

9.8CVSS6.6AI score0.01339EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added last week4 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Bouncy Castle bcpkix (CVE-2026-5588)

Summary A vulnerability in Bouncy Castle bcpkix that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2026-5588 DESCRIPTION: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules...

7.5CVSS7.1AI score0.00392EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/23 7:54 p.m.9 views

Security Bulletin: IBM® Db2® is affected by vulnerabilities in bcprov-jdk18on-1.82 and bcpkix-jdk18on-1.82.

Summary IBM® Db2® is affected by vulnerabilities in bcprov-jdk18on-1.82 and bcpkix-jdk18on-1.82 Vulnerability Details CVEID:CVE-2025-14813 DESCRIPTION: : Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all core modules. This...

9.9CVSS5.8AI score0.00691EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/22 5:25 p.m.3 views

Security Bulletin: SPSS Collaboration and Deployment Services is affected by Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc

Summary SPSS Collaboration and Deployment Services is affected by Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2026-3505 DESCRIPTION: Allocation of resources without limits o...

8.7CVSS5.7AI score0.00758EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/06/21 9:11 a.m.8 views

ROOT-APP-MAVEN-CVE-2026-0636 CVE-2026-0636 in io.root.org.bouncycastle:bcprov-jdk18on - Patched by Root

Root has patched CVE-2026-0636 in the io.root.org.bouncycastle:bcprov-jdk18on package for Root:Maven. Multiple fixed versions available...

6.5CVSS5.8AI score0.00527EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/20 7:57 a.m.7 views

Security Bulletin: Multiple Security Vulnerabilities in third-Party libraries used by IBM Tivoli Netcool Configuration Manager

Summary Multiple vulnerabilities in the third-party Bouncy Castle libraries used by IBM Tivoli Netcool Configuration Manager have been addressed. Vulnerability Details CVEID:CVE-2026-5588 DESCRIPTION: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle In...

9.9CVSS5.8AI score0.00691EPSS
Exploits0Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Bouncycastle

Bouncy Castle for Java before version 1.73 contains a potential Denial of Service DoS issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM-encoded streams containing X.509 certificates, PKCS8-encoded keys, and PKCS7 objects. Parsing a file that...

5.5CVSS6.2AI score0.00932EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/19 8:51 a.m.5 views

Security Bulletin: IBM ApplinX is vulnerable to multiple vulnerabilities due to the use of Bouncy Castle library (CVE-2023-33202, CVE-2025-8916, CVE-2026-5588, CVE-2025-14813, CVE-2026-5598, CVE-2026-0636)

Summary IBM ApplinX is vulnerable to an Uncontrolled Resource Consumption vulnerability, an Allocation of Resources Without Limits or Throttling vulnerability, a Use of a Broken or Risky Cryptographic Algorithm, a Covert Timing Channel vulnerability and an Improper Neutralization of Special...

9.9CVSS7.1AI score0.00932EPSS
Exploits1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.15 views

PT-2026-50568

Name of the Vulnerable Software and Affected Versions Steeltoe.Configuration.Encryption versions 4.0.0 through 4.1.0 Description Steeltoe is an open source project providing libraries for building cloud-native applications. An issue exists where configuring the encrypt:rsa:algorithm variable with...

1.9CVSS5.9AI score0.00046EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/11 12:9 p.m.5 views

Security Bulletin: Multiple vulnerabilities in IBM Tivoli Network Manager IP Edition

Summary Multiple vulnerabilities were addressed in IBM Tivoli Network Manager IP Edition 4.2.0.24 IFix 1 Vulnerability Details CVEID:CVE-2025-11143 DESCRIPTION: The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of...

9.9CVSS6.6AI score0.01127EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 2:41 p.m.8 views

Security Bulletin: IBM Technical Support Appliance is affected by a timing channel vulnerability in Bouncy Castle BC-JAVA

Summary IBM Technical Support Appliance TSA includes a vulnerable version of the Bouncy Castle BC-JAVA library bcprov-jdk18on-1.78.1.jar. A flaw in the FrodoEngine component may expose information through a covert timing channel, potentially affecting the confidentiality of cryptographic operatio...

9.9CVSS5.5AI score0.00691EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 1:55 p.m.9 views

Security Bulletin: Multiple vulnerabilities in IBM Rational Developer for i (CVE-2026-3505, CVE-2025-14813, CVE-2026-0636, CVE-2026-5598, CVE-2026-33671, CVE-2026-33672, CVE-2026-5588, CVE-2026-40175)

Summary IBM Rational Developer for i is affected by an uncontrolled resource consumption vulnerability in Bcpg CVE-2026-3505, a broken or risky cryptographic vulnerability in Bcprov CVE-2025-14813, an LDAP injection vulnerability in Bcprov CVE-2026-0636, a covert timing channel vulnerability in...

9.9CVSS5.8AI score0.01815EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 12:5 p.m.5 views

Security Bulletin: IBM Technical Support Appliance is affected by an LDAP Injection Vulnerability in Bouncy Castle BC-JAVA

Summary IBM Technical Support Appliance TSA includes a vulnerable version of the Bouncy Castle BC-JAVA provider library bcprov-jdk18on-1.78.1.jar. A flaw in the BC-JAVA LDAP certificate store implementation LDAPStoreHelper could allow improper neutralization of special elements used in LDAP...

6.9CVSS5.5AI score0.00527EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.9 views

Amazon Linux 2023 : bouncycastle, bouncycastle-javadoc, bouncycastle-mail (ALAS2023-2026-1775)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1775 advisory. Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules. PKIX draft CompositeVerifier accepts empty signature sequence as...

7.5CVSS5.5AI score0.00392EPSS
Exploits0References4
Amazon
Amazon
added 2026/06/08 12:0 a.m.10 views

Medium: bouncycastle

Issue Overview: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules. PKIX draft CompositeVerifier accepts empty signature sequence as valid. This issue affects BC-JAVA: from 1.49 before 1.84. CVE-2026-5588 Affected...

6.3CVSS7.1AI score0.00392EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/04 2:55 a.m.10 views

Security Bulletin: Due to use of bcpkix-jdk18on-1.81.jar, IBM Sterling Connect:Direct Web Services is affected by Use of a Broken or Risky Cryptographic Algorithm vulnerability.

Summary bcpkix-jdk18on-1.81.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-5588. Vulnerability Details CVEID:CVE-2026-5588 DESCRIPTION: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules, Legion o...

7.5CVSS7.1AI score0.00392EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/29 9:58 a.m.13 views

Security Bulletin: There is a vulnerability in bcprov-jdk18on-1.81.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-0636)

Summary There is a vulnerability in bcprov-jdk18on-1.81.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-0636 DESCRIPTION: Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in Legion of t...

6.9CVSS5.8AI score0.00527EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/27 3:7 p.m.9 views

Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to an issue in Bouncy Castle

Summary There is a vulnerability in Bouncy Castle used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVE CVE-2026-5588. Vulnerability Details CVEID:CVE-2026-5588 DESCRIPTION: Use of a Broken or Risky...

7.5CVSS7.1AI score0.00392EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/27 2:2 p.m.25 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in Bouncy Castle bcprov-jdk (CVE-2025-14813, CVE-2026-5598)

Summary IBM Sterling Control Center is affected by vulnerabilities CVE-2025-14813, CVE-2026-5598 reported for bcprov-jdk18on-1.81.jar. Vulnerability Details CVEID:CVE-2025-14813 DESCRIPTION: : Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JA...

9.9CVSS7.1AI score0.00691EPSS
Exploits0Affected Software1
Rows per page
Query Builder