Lucene search
K

139 matches found

CVE
CVE
added 2026/04/15 8:59 a.m.68 views

CVE-2026-0636

CVE-2026-0636 affects BC-JAVA:bcprov libraries from Legion of the Bouncy Castle Inc. Affected versions are 1.49 up to but not including 1.84. The issue is an LDAP injection in LDAPStoreHelper.java caused by improper neutralization of special LDAP query elements. This results in a high-impact vuln...

6.9CVSS5.8AI score0.00527EPSS
Exploits0References15
Debian CVE
Debian CVE
added 2026/04/15 8:59 a.m.9 views

CVE-2026-0636

Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all prov modules. This vulnerability is associated with program files LDAPStoreHelper. This issue affects BC-JAVA: from 1.74 before 1.80.2, from...

6.9CVSS5.8AI score0.00527EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.10 views

Bouncy Castle Java 安全漏洞

Bouncy Castle Java is an open-source encryption algorithm developed by Legion of the Bouncy Castle Inc. Versions of Bouncy Castle Java prior to 1.84 contained security vulnerabilities, which were caused by improper handling of special elements in LDAP queries. These vulnerabilities could lead to...

6.9CVSS5.8AI score0.00527EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.10 views

Bouncy Castle Java 安全漏洞

Bouncy Castle Java is an open-source encryption algorithm developed by Legion of the Bouncy Castle Inc. Versions of Bouncy Castle Java prior to version 1.84 contained security vulnerabilities. These vulnerabilities stemmed from the use of defective or insecure encryption algorithms, which could...

9.3CVSS5.8AI score0.00313EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.7 views

PT-2026-33031

Name of the Vulnerable Software and Affected Versions BC-JAVA versions 1.49 through 1.83 BCPKIX-FIPS versions 2.0.6 through 2.0.10 BCPKIX-FIPS versions 2.1.7 through 2.1.10 Description The PKIX draft CompositeVerifier accepts an empty signature sequence as valid. This issue is associated with the...

7.5CVSS6.7AI score0.00392EPSS
Exploits0References314
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.10 views

PT-2026-33028

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all core modules. This vulnerability is associated with program files G3413CTRBlockCipher. GOSTCTR implementation unable to process more than 255 blocks correctly. This issue affec...

10CVSS5.8AI score0.00758EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.7 views

PT-2026-33032

Name of the Vulnerable Software and Affected Versions BC-JAVA versions 1.71 through 1.83 Description A covert timing channel exists in the BC-JAVA core modules, specifically associated with the program files FrodoEngine.Java. A covert timing channel is a method of transferring information from on...

9.9CVSS6.3AI score0.00691EPSS
Exploits0References134
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.9 views

Bouncy Castle Java 安全漏洞

Bouncy Castle Java is an open-source encryption algorithm developed by Legion of the Bouncy Castle Inc. Versions of Bouncy Castle Java from 1.49 to 1.84 contained security vulnerabilities. These vulnerabilities were due to the use of defective encryption algorithms, which could allow empty...

6.3CVSS7.1AI score0.00392EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.34 views

Bouncy Castle Java 安全漏洞

Bouncy Castle Java is an open-source encryption algorithm developed by Legion of the Bouncy Castle Inc. Versions of Bouncy Castle Java prior to 1.84 contained security vulnerabilities. These vulnerabilities stemmed from unlimited resource allocation, which could lead to exhaustion of pre-authoriz...

8.7CVSS5.8AI score0.00758EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.6 views

PT-2026-33030

Name of the Vulnerable Software and Affected Versions BC-JAVA versions prior to 1.84 Description An issue in the bcpg modules allows for unbounded PGP AEAD chunk size, which can lead to pre-authentication resource exhaustion. Resource exhaustion occurs when a system lacks limits or throttling on...

9.9CVSS5.7AI score0.00758EPSS
Exploits4References117
Packet Storm News
Packet Storm News
added 2026/04/01 12:0 a.m.2 views

Quantum-Safe Code Auditing: LLM-Assisted Static Analysis and Quantum-Aware Risk Scoring for Post-Quantum Cryptography Migration

The impending arrival of cryptographically relevant quantum computers CRQCs threatens the security foundations of modern software: Shor's algorithm breaks RSA, ECDSA, ECDH, and Diffie-Hellman, while Grover's algorithm reduces the effective security of symmetric and hash-based schemes. Despite NIS...

6AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/15 4:3 a.m.6 views

Security Bulletin: Bouncy Castle for Java BC-FJA NativeLoader Resource Consumption Issue, affects watsonx.data

Summary Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips API modules allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader. This issue affects Boun...

5.9CVSS6.8AI score0.00154EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/08 6:1 a.m.9 views

Security Bulletin: Uncontrolled Resource Allocation in Bouncy Castle Java PKIXCertPathReviewer Leading to Excessive Allocation, which affects IBM watsonx.data

Summary Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All API modules, Legion of the Bouncy Castle Inc. BC Java bcprov on All API modules, Legion of the Bouncy Castle Inc. BCPKIX FIPS bcpkix-fips on All API modules allows...

6.3CVSS6.8AI score0.0043EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/07 7:35 p.m.6 views

Security Bulletin: multiple vulerability in IBM Spectrum Symphony with Bouncy Castle Java API

Summary multiple vulerability in IBM Spectrum Symphony with Bouncy Castle Java TLS API Vulnerability Details CVEID:CVE-2025-8916 DESCRIPTION: Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All API modules, Legion of the...

6.3CVSS6.6AI score0.00505EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/10 10:23 a.m.20 views

Security Bulletin: Multiple Vulnerabilities in IBM StreamSets Data Collector

Summary Multiple vulnerabilities were addressed in IBM StreamSets Data Collector version 6.4.0. Vulnerability Details CVEID:CVE-2015-5262 DESCRIPTION: http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setti...

9.8CVSS8.3AI score0.19312EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/31 7:46 p.m.4 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an uncontrolled resource consumption and out of bounds write in Bouncy Castle [CVE-2025-9341, CVE-2025-9340]

Summary IBM Watson Speech Services Cartridge is vulnerable to an uncontrolled resource consumption and out of bounds write in Bouncy Castle, due to issues in AESNativeCBC.Java and AESNativeCBC.Java which allow excessive allocation CVE-2025-9341 and issues in jcajce/provider/BaseCipher...

5.9CVSS6.9AI score0.00154EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/27 6:26 p.m.5 views

CVE-2025-12194

Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All API modules, Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All API modules allows Excessive Allocation. This vulnerability is associated wi...

5.9CVSS6.4AI score0.00142EPSS
Exploits0References4
OSV
OSV
added 2025/10/25 12:30 a.m.3 views

GHSA-JV6H-4262-Q663 Bouncy Castle Vulnerable to Uncontrolled Resource Consumption

Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All API modules, Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All API modules allows Excessive Allocation. This vulnerability is associated wi...

5.9CVSS7.2AI score0.00142EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/10/25 12:30 a.m.10 views

Bouncy Castle Vulnerable to Uncontrolled Resource Consumption

Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All API modules, Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All API modules allows Excessive Allocation. This vulnerability is associated wi...

5.9CVSS7AI score0.00142EPSS
Exploits0References5Affected Software2
NVD
NVD
added 2025/10/24 11:15 p.m.5 views

CVE-2025-12194

Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All API modules, Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All API modules allows Excessive Allocation. This vulnerability is associated wi...

5.9CVSS0.00142EPSS
Exploits0References1
Rows per page
Query Builder