Lucene search
+L

142 matches found

Mageia
Mageia
added 2018/09/20 11:17 p.m.91 views

Updated bouncycastle packages fix security vulnerabilities

Updated bouncycastle packages fix security vulnerabilities: Ensure full validation of ASN.1 encoding of signature on verification. It was possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may have allowed the introduction of...

9.8CVSS1.1AI score0.24282EPSS
Exploits0References4
OPENSUSE Linux
OPENSUSE Linux
added 2018/08/03 9:9 p.m.97 views

Security update for bouncycastle (moderate)

This update for bouncycastle fixes the following issues: Security issue fixed: - CVE-2018-1000613: Fix use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' boo1100694...

2.1AI score0.04767EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2018/07/13 9:19 p.m.37 views

CVE-2018-1000613

Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in XMSS/XMSS^MT private key deserialization that can result in...

9.8CVSS3.1AI score0.04767EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2018/07/09 8:29 p.m.45 views

CVE-2018-1000613

Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in XMSS/XMSS^MT private key deserialization that can result in...

9.8CVSS6.9AI score0.04767EPSS
Exploits0References1
NVD
NVD
added 2018/07/09 8:29 p.m.15 views

CVE-2018-1000613

Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in XMSS/XMSS^MT private key deserialization that can result in...

9.8CVSS9.7AI score0.04767EPSS
Exploits0References11
OSV
OSV
added 2018/07/09 8:29 p.m.4 views

UBUNTU-CVE-2018-1000613

Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in XMSS/XMSS^MT private key deserialization that can result in...

9.8CVSS6.8AI score0.04767EPSS
Exploits0References2
OSV
OSV
added 2018/07/09 8:29 p.m.3 views

DEBIAN-CVE-2018-1000613

Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in XMSS/XMSS^MT private key deserialization that can result in...

9.8CVSS9.5AI score0.04767EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2018/07/09 8:0 p.m.60 views

CVE-2018-1000613

Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in XMSS/XMSS^MT private key deserialization that can result in...

9.8CVSS6.8AI score0.04767EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.49 views

RHEL 5 : Red Hat Network Satellite server IBM Java Runtime (RHSA-2011:0880)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0880 advisory. - TLS: MITM attacks via session renegotiation CVE-2009-3555 - krb5: null pointer dereference in GSS-API library leads to DoS...

10CVSS8.3AI score0.87264EPSS
Exploits35References79
RedHat Linux
RedHat Linux
added 2011/06/16 7:13 p.m.6 views

OpenJDK Swing unsafe reflection usage (6622002)

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

10CVSS5.8AI score0.049EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/01/20 4:17 p.m.5 views

OpenJDK Swing unsafe reflection usage (6622002)

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

10CVSS5.8AI score0.049EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2010/12/15 11:41 p.m.6 views

OpenJDK Swing unsafe reflection usage (6622002)

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

10CVSS5.8AI score0.049EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2010/12/15 10:41 p.m.5 views

OpenJDK Swing unsafe reflection usage (6622002)

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

10CVSS5.8AI score0.049EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2010/11/10 7:0 p.m.4 views

OpenJDK Swing unsafe reflection usage (6622002)

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

10CVSS5.8AI score0.049EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2010/10/20 5:13 p.m.6 views

OpenJDK Swing unsafe reflection usage (6622002)

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

10CVSS5.8AI score0.049EPSS
Exploits0References4
Prion
Prion
added 2010/10/19 10:0 p.m.26 views

Design/Logic Flaw

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

10CVSS8.2AI score0.049EPSS
Exploits0References33Affected Software3
CVE
CVE
added 2010/10/19 9:0 p.m.104 views

CVE-2010-3553

Technical details for CVE-2010-3553 are not publicly available in the provided connected documents. Please monitor for updated advisories that disclose affected products, vulnerabilities, remediation, or exploitation information.

10CVSS7.2AI score0.049EPSS
Exploits0References33Affected Software1
Cvelist
Cvelist
added 2010/10/19 9:0 p.m.27 views

CVE-2010-3553

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

7.9AI score0.049EPSS
Exploits0References33
UbuntuCve
UbuntuCve
added 2010/10/19 12:0 a.m.28 views

CVE-2010-3553

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...

10CVSS5.9AI score0.049EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2010/10/18 12:0 a.m.50 views

CentOS 5 : java-1.6.0-openjdk (CESA-2010:0768)

Updated java-1.6.0-openjdk packages that fix several security issues and two bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detail...

10CVSS8.2AI score0.87264EPSS
Exploits15References19
Rows per page
Query Builder