204 matches found
ROOT-APP-MAVEN-CVE-2024-29857 CVE-2024-29857 in io.root.org.bouncycastle:bcprov-jdk18on - Patched by Root
Root has patched CVE-2024-29857 in the io.root.org.bouncycastle:bcprov-jdk18on package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2025-8885 CVE-2025-8885 in io.root.org.bouncycastle:bc-fips - Patched by Root
Root has patched CVE-2025-8885 in the io.root.org.bouncycastle:bc-fips package for Root:Maven. Multiple fixed versions available...
macvlan: fix macvlan_get_size() not reserving space for IFLA_MACVLAN_BC_CUTOFF
...
UBUNTU-CVE-2026-53276
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix a use-after-free of the hciconn pointer In isosockrebindbc, the bis pointer is cached, then the socket lock is dropped: bis = isopisk-conn-hcon; / Release the socket before lookups since that requires hcidevlo...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8m-blk-ctrl: Fixed out-of-range access to bc-domains. Out-of-range access to bc-domains was corrected in the imx8mblkctrlremove function...
Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple issues
Summary Multiple vulnerabilities affect IBM Sterling Secure Proxy and are addressed in the latest release and ifix. Vulnerability Details CVEID:CVE-2026-8149 DESCRIPTION: A vulnerability in Legion of the Bouncy Castle Inc. BC-LTS on Linux, X8664, AVX, AVX-512f. This vulnerability is associated wi...
MAL-2026-5153 Malicious code in @att-ebiz/abs-components-bc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb8d1b46db555fda7536bcf080f9dfd0ceed5c731f7a96b2579121598dad6721 Package @att-ebiz/[email protected] is an empty placeholder published to public npm under a scope @att-ebiz that matches AT&T's internal...
Malicious code in @att-ebiz/abs-components-bc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb8d1b46db555fda7536bcf080f9dfd0ceed5c731f7a96b2579121598dad6721 Package @att-ebiz/[email protected] is an empty placeholder published to public npm under a scope @att-ebiz that matches AT&T's internal...
360solutions-bc-mcp (>=0.5.3 <=0.5.6), 3di-cmd-client (>=0.0.1a0 <=0.0.3) +749 more potentially affected by CVE-2026-48523 via pyjwt (>=2.0.0 <=2.12.1)
pyjwt PYPI version =2.0.0, =0.5.3, =0.0.1a0, =1.1.1, =0.1.0, =0.1.1, =0.1.31, =0.1.0, =1.5.0, =0.1.0, =0.2.9, =0.5.0, =1.89.5, =1.420.4 and more Source cves: CVE-2026-48523 Source advisory: SNYK:PYTHON-PYJWT-17054902...
360solutions-bc-mcp (>=0.5.3 <=0.5.6), ariadne (>=0.17.0 <=0.17.1b1) +25 more potentially affected by CVE-2026-48710 via starlette (>=1.0.0 <=1.0.0rc1)
starlette PYPI version =1.0.0, =0.5.3, =0.17.0, =7.2.0, =0.21.0, =1.9.13, =0.8.1, =1.1.2, =0.8.1, =2.10.0, =0.0.1a25, =2.14.0, =3.1.7 and more Source cves: CVE-2026-48710 Source advisory: SNYK:PYTHON-STARLETTE-16881242...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Treat all calls as non-bcalls when bcserv is NULL. When a RDMA server returns a fault format reply, the NFS v3 client may treat it as a bcall when the bc service does not exist. The debug message for rpcrdmabcreceivecal...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Binder: Ensure that fd closures are completed properly. During the processing of BCFREEBUFFER, the BINDERTYPEFDA object cleanup may close one or more file descriptors fd. These close operations are performed using the task work...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: tipc: The process of creating a BC link has been moved back to tipcnodecreate. Shuang Li reported a NULL pointer dereference crash: - Bug: NULL pointer dereference in the kernel; address: 0000000000000068 - RIP: 0010:...
Covert timing channel vulnerability at Bouncy Castle dependency at Crucible Server
This High severity Covert timing channel vulnerability was introduced in version 4.9.0 of Crucible Server. Atlassian recommends that Crucible Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: Crucible Da...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.24 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
CVE-2026-31662
In the Linux kernel, the following vulnerability has been resolved: tipc: fix bcackers underflow on duplicate GRPACKMSG The GRPACKMSG handler in tipcgroupprotorcv currently decrements bcackers on every inbound group ACK, even when the same member has already acknowledged the current broadcast...
EUVD-2026-22872
Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all core modules. Non-constant time comparisons risk private key leakage in FrodoKEM. This issue affects BC-JAVA: from 2.17.3 before 1.84...
SUSE CVE-2026-3505
Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all pg modules. This vulnerability is associated with program files AEADEncDataPacket.Java, BcAEADUtil.Java, JceAEADUtil.Java,...
SUSE CVE-2026-5598
Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all core modules. This vulnerability is associated with program files FrodoEngine.Java. This issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84...
CVE-2026-3505
Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all pg modules. This vulnerability is associated with program files AEADEncDataPacket.Java, BcAEADUtil.Java, JceAEADUtil.Java,...