5 matches found
EUVD-2025-37419
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'saswptinymultiplefaq' shortcode in all versions up to, and including, 1.51 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...
aero.m-click:mcpdf (>=0.2.3 <=0.2.4), ai.databand:dbnd-agent (>=0.42.1 <=0.78.8) +5172 more potentially affected by CVE-2016-1000340 via org.bouncycastle:bcprov-jdk15on (>=1.51 <=1.55)
org.bouncycastle:bcprov-jdk15on MAVEN version =1.51, =0.2.3, =0.42.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.3 and more Source cves: CVE-2016-1000340 Source advisory: OSV:GHSA-R97X-3G8F-GX3M...
bouncycastle: Carry propagation bug in math.raw.Nat??? class
In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in the implementation of squaring for several raw math classes have been fixed org.bouncycastle.math.raw.Nat???. These classes are used by our custom elliptic curve implementations...
Unspecified Vulnerability in Bouncy Castle JCE Provider
Bouncy Castle JCE Provider is a Java-based encryption package. A security vulnerability exists in the square implementation of Bouncy Castle JCE Provider versions 1.51 through 1.55. A detailed description of the vulnerability is not available at this time...
CVE-2016-1000340
In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in the implementation of squaring for several raw math classes have been fixed org.bouncycastle.math.raw.Nat???. These classes are used by our custom elliptic curve implementations...