Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-4466

Malicious code in bioql PyPI...

10CVSS7.3AI score0.02413EPSS
Exploits0References11
Github Security Blog
Github Security Blog
added 2022/05/01 6:45 p.m.30 views

Legion of the Bouncy Castle Java Cryptography API Bleichenbacher Oracle Vulnerability

The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."...

10CVSS6.9AI score0.02413EPSS
Exploits0References5Affected Software3
OSV
OSV
added 2021/12/08 10:15 p.m.2 views

DEBIAN-CVE-2021-43527

NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \7, or PKCS \12 are likely to be impacted. Applications using N...

9.8CVSS7.4AI score0.17563EPSS
Exploits0References1
OSV
OSV
added 2021/12/08 10:15 p.m.3 views

ALPINE-CVE-2021-43527

NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \7, or PKCS \12 are likely to be impacted. Applications using N...

9.8CVSS7.1AI score0.17563EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/30 4:9 p.m.95 views

Security Bulletin: Multiple vulnerabilities in Bouncy Castle Java Cryptography affect IBM Tivoli Business Manager

Summary Bouncy Castle Java Cryptography is shipped as part of IBM Tivoli Business Manager 6.2.0. Information about security vulnerabilities affecting Bouncy Castle Java Cryptography has been published in a security bulletin. Vulnerability Details CVEID: CVE-2018-5382 DESCRIPTION: Bouncy Castle...

10CVSS6.7AI score0.35584EPSS
Exploits1Affected Software1
Veracode
Veracode
added 2019/03/25 8:40 a.m.28 views

ROBOT Attack

Bouncy Castle Cryptography API is vulnerable to ROBOT attack. The vulnerability exists due to the usage of simple RSA CMS signatures without signed attributes...

10CVSS7.2AI score0.02413EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2009/03/30 1:30 a.m.9 views

CVE-2007-6721

The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."...

6.3AI score
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2009/03/30 1:30 a.m.4 views

CVE-2007-6721

The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."...

10CVSS7.3AI score0.02413EPSS
Exploits0References9
Prion
Prion
added 2009/03/30 1:30 a.m.23 views

Design/Logic Flaw

The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."...

10CVSS7AI score0.02413EPSS
Exploits0References7Affected Software2
OSV
OSV
added 2009/03/30 1:30 a.m.3 views

DEBIAN-CVE-2007-6721

The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."...

10CVSS7AI score0.02413EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2009/03/30 1:0 a.m.25 views

CVE-2007-6721

The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."...

10CVSS7.2AI score0.02413EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2009/03/30 12:0 a.m.6 views

PT-2009-1169 · Bouncy Castle · Crypto Provider Package +1

Name of the Vulnerable Software and Affected Versions: Bouncy Castle Java Cryptography API versions prior to 1.38 Crypto Provider Package versions prior to 1.36 Description: The issue is related to a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes, which has...

10CVSS7.2AI score0.02413EPSS
Exploits0References15
Rows per page
Query Builder