Lucene search
+L

139 matches found

OSV
OSV
added yesterday8 views

ROOT-APP-MAVEN-CVE-2026-5598 CVE-2026-5598 in io.root.org.bouncycastle:bcprov-jdk18on - Patched by Root

Root has patched CVE-2026-5598 in the io.root.org.bouncycastle:bcprov-jdk18on package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.8AI score0.00691EPSS
Exploits0
OSV
OSV
added yesterday10 views

ROOT-APP-MAVEN-CVE-2026-0636 CVE-2026-0636 in io.root.org.bouncycastle:bcprov-jdk18on - Patched by Root

Root has patched CVE-2026-0636 in the io.root.org.bouncycastle:bcprov-jdk18on package for Root:Maven. Multiple fixed versions available...

6.5CVSS5.8AI score0.00527EPSS
Exploits0
OSV
OSV
added yesterday2 views

ROOT-APP-MAVEN-CVE-2025-14813 CVE-2025-14813 in io.root.org.bouncycastle:bcprov-jdk18on - Patched by Root

Root has patched CVE-2025-14813 in the io.root.org.bouncycastle:bcprov-jdk18on package for Root:Maven. Multiple fixed versions available...

9.3CVSS7AI score0.00313EPSS
Exploits0
OSV
OSV
added yesterday3 views

ROOT-APP-MAVEN-CVE-2023-33202 CVE-2023-33202 in io.root.org.bouncycastle:bcprov-jdk15on - Patched by Root

Root has patched CVE-2023-33202 in the io.root.org.bouncycastle:bcprov-jdk15on package for Root:Maven. Multiple fixed versions available...

5.5CVSS6.5AI score0.00932EPSS
Exploits1
CVE
CVE
added 2 days ago7 views

CVE-2026-15997

BC-LTS bcprov-lts8on (ARM) contains a native C vulnerability in SHA3/SHAKE handling: restoreFullState may underflow size_t in crafted encoded state, enabling an out-of-bounds write. Affects BC-LTS 2.73.0–before 2.73.12.1; control flows that accept memoable SHA3/SHAKE states from untrusted sources...

5.6CVSS6.1AI score0.001EPSS
Exploits0References1
OSV
OSV
added 3 days ago4 views

ROOT-APP-MAVEN-CVE-2024-34447 CVE-2024-34447 in io.root.org.bouncycastle:bcprov-jdk15on - Patched by Root

Root has patched CVE-2024-34447 in the io.root.org.bouncycastle:bcprov-jdk15on package for Root:Maven. Multiple fixed versions available...

5.9CVSS6.7AI score0.0077EPSS
Exploits0
OSV
OSV
added 3 days ago3 views

ROOT-APP-MAVEN-CVE-2024-30171 CVE-2024-30171 in io.root.org.bouncycastle:bcprov-jdk15on - Patched by Root

Root has patched CVE-2024-30171 in the io.root.org.bouncycastle:bcprov-jdk15on package for Root:Maven. Multiple fixed versions available...

5.9CVSS6.1AI score0.00901EPSS
Exploits0
Veracode
Veracode
added 2026/07/04 8:27 a.m.6 views

Use Of A Broken Or Risky Cryptographic Algorithm

BC-JAVA bcprov is vulnerable to the Use of a Broken or Risky Cryptographic Algorithm. The vulnerability is due to flaws in the G3413CTRBlockCipher implementation, where the affected cryptographic algorithm can provide weakened cryptographic protection, allowing attackers to compromise the...

9.3CVSS7AI score0.00313EPSS
Exploits0References18Affected Software12
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 4:10 p.m.16 views

Security Bulletin: Multiple Vulnerabilities in bcprov package bundled with IBM Fusion, IBM Fusion HCI, IBM Fusion Data Cataloging, and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, IBM Fusion Data Cataloging, and IBM Fusion Content-Aware Storage include bcprov library, which is susceptible to use of broken cryptographic algorithm, Improper neutralization, covert timing channel vulnerabilities CVE-2025-14813, CVE-2026-0636, CVE-2026-5598...

9.9CVSS6.7AI score0.00691EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/16 2:10 p.m.6 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Use of a Broken or Risky Cryptographic Algorithm, Covert Timing Channel (CVE-2025-14813, CVE-2026-5598)

Summary There are vulnerabilities in bcprov-jdk18on-1.83.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-14813, CVE-2026-5598. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-14813 DESCRIPTION: : Use of a Broken or Risky Cryptographic Algorithm...

9.9CVSS5.3AI score0.00691EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 12:5 p.m.6 views

Security Bulletin: IBM Technical Support Appliance is affected by an LDAP Injection Vulnerability in Bouncy Castle BC-JAVA

Summary IBM Technical Support Appliance TSA includes a vulnerable version of the Bouncy Castle BC-JAVA provider library bcprov-jdk18on-1.78.1.jar. A flaw in the BC-JAVA LDAP certificate store implementation LDAPStoreHelper could allow improper neutralization of special elements used in LDAP...

6.9CVSS5.5AI score0.00527EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/29 9:0 a.m.10 views

Security Bulletin: There is a vulnerability in bcprov-jdk18on-1.81.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-14813)

Summary There is a vulnerability in bcprov-jdk18on-1.81.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-14813 DESCRIPTION: : Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA...

9.9CVSS7.1AI score0.00691EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/20 12:0 a.m.17 views

Linux Distros Unpatched Vulnerability : CVE-2025-14813

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - : Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC- JAVA bcprov on all core modules. This vulnerability is...

9.3CVSS5.8AI score0.00313EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/18 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-0636

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all prov...

6.9CVSS5.8AI score0.00527EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2026/04/17 6:31 p.m.10 views

org.bouncycastle:bcmail-jdk14 (>=1.74 <=1.83), org.bouncycastle:bcpg-jdk14 (>=1.74 <=1.83) +11 more potentially affected by CVE-2026-0636 via org.bouncycastle:bcprov-jdk14 (>=1.74 <=1.83)

org.bouncycastle:bcprov-jdk14 MAVEN version =1.74, =1.74, =1.74, =1.74, =1.74, =1.74, =0.2.5, =1.0.1-rc.1, =9.2.0, =9.2.0, =9.2.0, =9.2.0, =9.2.0, =9.3.2 Source cves: CVE-2026-0636 Source advisory: OSV:GHSA-C3FC-8QFF-9HWX...

6.9CVSS5.8AI score0.00527EPSS
Exploits0
Snyk
Snyk
added 2026/04/15 10:16 a.m.9 views

LDAP Injection

Overview Affected versions of this package are vulnerable to LDAP Injection via the parseDN handling and the LDAP store helpers in X509LDAPCertStoreSpi and LDAPStoreHelper. An attacker can influence LDAP search filters by supplying a crafted X.500 subject or issuer string that is parsed into an...

7.3CVSS5.7AI score0.00527EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/04/15 10:16 a.m.9 views

org.bouncycastle:bcjmail-debug-jdk15to18 (>=1.81 <=1.83), org.bouncycastle:bcmail-debug-jdk15to18 (>=1.81 <=1.83) +4 more potentially affected by CVE-2026-0636 via org.bouncycastle:bcprov-debug-jdk15to18 (>=1.81 <=1.83)

org.bouncycastle:bcprov-debug-jdk15to18 MAVEN version =1.81, =1.81, =1.81, =1.81, =1.81, =1.81, =1.81, =1.83 Source cves: CVE-2026-0636 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16075250...

6.9CVSS5.8AI score0.00527EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/15 10:16 a.m.11 views

app.cash.bittycity:outie (=0.0.1), app.cash.bittycity:outie-jooq-provider (=0.0.1) +1229 more potentially affected by CVE-2026-0636 via org.bouncycastle:bcprov-jdk15to18 (>=1.74 <=1.83)

org.bouncycastle:bcprov-jdk15to18 MAVEN version =1.74, =0.0.2, =0.0.2.1, =0.1.0-M36, =0.1.0-M27, =1.0.1, =3.5.0.0, =3.5.5.3 - cn.lnkdoc.sdk:awesome-uia-alipay-sdk =3.0.0-RC1 - cn.lnkdoc.sdk:awesome-uia-alipay-sdk-solon-boot-2-starter =3.0.0-RC1 -...

6.9CVSS5.7AI score0.00527EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/15 10:16 a.m.14 views

ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo (=0.1.0) +16281 more potentially affected by CVE-2026-0636 via org.bouncycastle:bcprov-jdk18on (>=1.74 <=1.83)

org.bouncycastle:bcprov-jdk18on MAVEN version =1.74, =0.2.0, =0.31.0, =0.5.0, =0.6.0, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.7 and more Source cves: CVE-2026-0636 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16075254...

6.9CVSS5.7AI score0.00527EPSS
Exploits0
Snyk
Snyk
added 2026/04/15 10:16 a.m.12 views

LDAP Injection

Overview org.bouncycastle:bcprov-jdk14 is a Java implementation of cryptographic algorithms. Affected versions of this package are vulnerable to LDAP Injection via the parseDN handling and the LDAP store helpers in X509LDAPCertStoreSpi and LDAPStoreHelper. An attacker can influence LDAP search...

7.3CVSS5.7AI score0.00527EPSS
Exploits0References2
Rows per page
Query Builder