Lucene search
K

60 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:3 a.m.9 views

CVE-2019-17359

The ASN.1 parser in Bouncy Castle Crypto aka BC Java 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64...

7.5CVSS6.6AI score0.0895EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 5:41 a.m.47 views

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple issues

Summary Multple vulnerabilities affect IBM Sterling Secure Proxy and are addressed in the latest release and iFix Vulnerability Details CVEID:CVE-2024-30172 DESCRIPTION: The Bouncy Castle Crypto Package For Java is vulnerable to a denial of service, caused by an infinite loop in the Ed25519...

7.5CVSS8.5AI score0.01433EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/14 6:13 a.m.11 views

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple issues

Summary Multple vulnerabilities affect IBM Sterling Secure Proxy and are addressed in the latest release and iFix Vulnerability Details CVEID:CVE-2024-29857 DESCRIPTION: The Bouncy Castle Crypto Package For Java is vulnerable to a denial of service, caused by improper input validation. By importi...

7.5CVSS7.7AI score0.011EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/28 6:5 p.m.30 views

Security Bulletin: Multiple vulnerabilities disclosed in IBM Eclipse SDK affect IBM SPSS Collaboration and Deployment Services

Summary Multiple vulnerabilities disclosed in IBM Eclipse SDK affect IBM SPSS Collaboration and Deployment Services CVE-2024-8184, CVE-2024-6763, CVE-2024-29857, CVE-2024-30172, CVE-2024-30171, CVE-2021-28170, CVE-2023-48795, CVE-2023-33201, CVE-2023-33202, CVE-2023-4218, CVE-2023-36478,...

7.5CVSS7.8AI score0.93305EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 3:48 a.m.97 views

Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps

Summary Multiple vulnerabilities were fixed in IBM Cloud Pak for Watson AIOps version 4.1.1 Vulnerability Details CVEID:CVE-2023-26920 DESCRIPTION: Natural Intelligence fast-xml-parser could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in t...

8.7CVSS9.7AI score0.12966EPSS
Exploits11Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/12 11:22 a.m.15 views

Security Bulletin: IBM Maximo Application Suite uses "bcprov-jdk18on-1.75.jar" which is vulnerable to CVE-2024-30171

Summary IBM Maximo Application Suite uses "bcprov-jdk18on-1.75.jar" which is vulnerable to CVE-2024-30171. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-30171 DESCRIPTION: The Bouncy Castle Crypto Package For Java could allow ...

5.9CVSS8.6AI score0.00901EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/26 6:52 p.m.8 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in Bouncy Castle Crypto Package For Java

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of Bouncy Castle Crypto Package For Java Vulnerability Details CVEID:CVE-2024-30171 DESCRIPTION: The Bouncy Castle Crypto Package For Java could allow a remote authenticated attacker to obtain sensitive information, caused by...

5.9CVSS5.5AI score0.00901EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/26 6:44 p.m.9 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in Bouncy Castle Crypto Package For Java

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of Bouncy Castle Crypto Package For Java Vulnerability Details CVEID:CVE-2024-29857 DESCRIPTION: The Bouncy Castle Crypto Package For Java is vulnerable to a denial of service, caused by improper input validation. By importin...

7.5CVSS7.5AI score0.011EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/03 11:4 p.m.60 views

Security Bulletin: IBM Cloud Pak for Network Automation 2.7.5 addresses multiple security vulnerabilities.

Summary IBM Cloud Pak for Network Automation 2.7.5 addresses multiple security vulnerabilities. Vulnerability Details CVEID:CVE-2024-32879 DESCRIPTION: Python Social Auth Django could allow a remote authenticated attacker to bypass security restrictions, caused by improper handling of case...

8.2CVSS9.2AI score0.8496EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/12/17 10:50 p.m.26 views

Security Bulletin: IBM Cognos Transformer is affected by vulnerabilities in IBM® Java™ and Bouncy Castle Crypto Package For Java

Summary There are vulnerabilities in IBM® Java™ and Bouncy Castle Crypto Package For Java consumed by IBM Cognos Transformer. For more information about the vulnerability impact, refer to the table in the "Related Information" section. This Security Bulletin relates only to third-party components...

7.5CVSS7.2AI score0.01361EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/06 9:54 a.m.23 views

Security Bulletin: Multiple Vulnerabilities in Db2 affect IBM Cloud Pak Sytem

Summary Vulnerabilities in Db2 affect IBM Cloud Pak Sytem. Vulnerability Details CVEID:CVE-2024-31882 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.1 and 11.5 is vulnerable to a denial of service, under specific configurations, as the server may crash when using ...

7.5CVSS7.7AI score0.011EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/31 4:25 p.m.62 views

Security Bulletin: Denial of service, DNS poisoning, and information disclosure might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable and can result in denial of service, DNS poisoning, and information disclosure. The vulnerabilities have been addressed. CVE-2024-34447, CVE-2024-30172, CVE-2024-30171, CVE-2024-29857, CVE-2024-45296, CVE-2023-44487, CVE-2024-29857...

7.5CVSS7.8AI score0.99999EPSS
Exploits19Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/29 8:40 p.m.29 views

Security Bulletin: IBM Sterling External Authentication Server is vulnerable to multiple issues

Summary Multple vulnerabilities affect IBM Sterling External Authentication Server and are addressed in the latest iFixes Vulnerability Details CVEID:CVE-2024-21094 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause no...

7.5CVSS6.1AI score0.01433EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/14 4:15 a.m.34 views

Security Bulletin: Multiple vulnerabilities in Bouncy Castle Crypto affect IBM Robotic Process Automation.

Summary Multiple vulnerabilities in Bouncy Castle Crypto affect IBM Robotic Process Automation. IBM Robotic Process Automation uses Bouncy Catle Crypto for some cryptographic processing. This bulletin identifies the security fixes to apply to address the vulnerabilities. Vulnerability Details...

7.5CVSS7.3AI score0.011EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/08 3:29 p.m.46 views

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Summary IBM Security Guardium has addressed these vulnerabilities with an update. Vulnerability Details CVEID:CVE-2024-29857 DESCRIPTION: The Bouncy Castle Crypto Package For Java is vulnerable to a denial of service, caused by improper input validation. By importing an EC certificate with crafte...

8.1CVSS9.1AI score0.8833EPSS
Exploits16Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/04 9:46 a.m.35 views

Security Bulletin: IBM Security Verify Governance has multiple vulnerabilities

Summary Multiple security vulnerabilities have been addressed in an update for IBM Security Verify Governance. Vulnerability Details CVEID:CVE-2024-30172 DESCRIPTION: The Bouncy Castle Crypto Package For Java is vulnerable to a denial of service, caused by an infinite loop in the Ed25519...

8.1CVSS8AI score0.01197EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/17 8:35 p.m.34 views

Security Bulletin: Mutiple vulnerabilities in Bouncy Castle Crypto Package For Java may affect IBM Storage Scale GUI (CVE-2024-30171, CVE-2024-29857)

Summary There are vulnerabilities in Bouncy Castle Crypto Package For Java, used by IBM Storage Scale GUI, which could allow a remote attacker to exploit and obtain sensitive information. Vulnerability Details CVEID:CVE-2018-20676 DESCRIPTION: Bootstrap is vulnerable to cross-site scripting, caus...

7.5CVSS6.8AI score0.1686EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/13 8:4 a.m.28 views

Security Bulletin: IBM Maximo Application Suite uses bcprov-jdk15on-1.70.jar which is vulnerable to CVE-2024-29857.

Summary IBM Maximo Application Suite uses bcprov-jdk15on-1.70.jar which is vulnerable to CVE-2024-29857. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-29857 DESCRIPTION: The Bouncy Castle Crypto Package For Java is vulnerable ...

7.5CVSS7.3AI score0.011EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/04 2:41 p.m.56 views

Security Bulletin: Apache James and Bouncy Castle vulnerabilities in Apache Solr and Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2023-33202,CVE-2024-21742,CVE-2024-29857,CVE-2024-30172,CVE-2024-34447)

Summary There are potential denial of service and bypass security restrictions vulnerabilities in Apache James Mime4J and Bouncy Castle Crypto Package, which are used by Apache Solr and Logstash in IBM Operations Analytics - Log Analysis Vulnerability Details CVEID:CVE-2024-34447 DESCRIPTION: The...

7.5CVSS7.2AI score0.011EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/26 7:19 a.m.36 views

Security Bulletin: Mutiple vulnerabilities in Bouncy Castle Crypto Package For Java may affect IBM Storage Scale GUI (CVE-2024-30171, CVE-2024-29857)

Summary There are vulnerabilities in Bouncy Castle Crypto Package For Java, used by IBM Storage Scale GUI, which could allow a remote attacker to exploit and obtain sensitive information. Vulnerability Details CVEID:CVE-2024-29857 DESCRIPTION: The Bouncy Castle Crypto Package For Java is vulnerab...

7.5CVSS7.2AI score0.011EPSS
Exploits0Affected Software1
Rows per page
Query Builder