Lucene search
K

133 matches found

Snyk
Snyk
added 2026/04/15 10:16 a.m.8 views

Use of a Broken or Risky Cryptographic Algorithm

Overview Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm due to the generateCTR process in G3413CTRBlockCipher. An attacker can recover relationships between encrypted plaintext blocks by driving the cipher past its counter range and causing th...

9.3CVSS5.7AI score0.00313EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/04/15 10:16 a.m.13 views

org.bouncycastle:bcmail-debug-jdk14 (>=1.81 <=1.83), org.bouncycastle:bcpg-debug-jdk14 (>=1.81 <=1.83) +3 more potentially affected by CVE-2025-14813 via org.bouncycastle:bcprov-debug-jdk14 (>=1.81 <=1.83)

org.bouncycastle:bcprov-debug-jdk14 MAVEN version =1.81, =1.81, =1.81, =1.81, =1.81, =1.81, =1.83 Source cves: CVE-2025-14813 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16075261...

9.3CVSS5.8AI score0.00313EPSS
Exploits0
Snyk
Snyk
added 2026/04/15 10:16 a.m.10 views

Use of a Broken or Risky Cryptographic Algorithm

Overview Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm due to the generateCTR process in G3413CTRBlockCipher. An attacker can recover relationships between encrypted plaintext blocks by driving the cipher past its counter range and causing th...

9.3CVSS5.7AI score0.00313EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/04/15 10:16 a.m.9 views

app.cash.bittycity:outie (=0.0.1), app.cash.bittycity:outie-jooq-provider (=0.0.1) +1824 more potentially affected by CVE-2025-14813 via org.bouncycastle:bcprov-jdk15to18 (>=1.63 <=1.83)

org.bouncycastle:bcprov-jdk15to18 MAVEN version =1.63, =0.0.2, =0.0.1, =0.2.9, =0.1.0, =0.2.1, =0.2.0, =0.1.0-M36, =0.1.0-M26, =1.0.0, =1.0.1, =0.2.0, =0.2.0, =0.3.0 - ch.pontius.nio:smb-nio =0.9.0 and more Source cves: CVE-2025-14813 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16075265...

9.3CVSS7.2AI score0.00313EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/15 10:13 a.m.10 views

org.bouncycastle:bcjmail-debug-jdk15to18 (>=1.81 <=1.83), org.bouncycastle:bcmail-debug-jdk15to18 (>=1.81 <=1.83) +4 more potentially affected by CVE-2026-5598 via org.bouncycastle:bcprov-debug-jdk15to18 (>=1.81 <=1.83)

org.bouncycastle:bcprov-debug-jdk15to18 MAVEN version =1.81, =1.81, =1.81, =1.81, =1.81, =1.81, =1.81, =1.83 Source cves: CVE-2026-5598 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16074608...

9.9CVSS5.8AI score0.00691EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/15 10:13 a.m.7 views

ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo (=0.1.0) +17247 more potentially affected by CVE-2026-5598 via org.bouncycastle:bcprov-jdk18on (>=1.71 <=1.83)

org.bouncycastle:bcprov-jdk18on MAVEN version =1.71, =0.2.0, =0.31.0, =0.5.0, =0.6.0, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.7 and more Source cves: CVE-2026-5598 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16074612...

9.9CVSS7AI score0.00691EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/15 10:13 a.m.8 views

io.github.jinahya:jinahya-bcprov (=0.0.1), org.apache.camel.karaf:camel-as2 (>=4.7.0 <=4.10.7) +14 more potentially affected by CVE-2026-5598 via org.bouncycastle:bcprov-debug-jdk18on (>=1.71 <=1.83)

org.bouncycastle:bcprov-debug-jdk18on MAVEN version =1.71, =4.7.0, =4.7.0, =3.0.0-M1, =3.0.0-M1, =3.2.0, =3.18.0, =3.18.0, =3.18.0, =1.81, =1.81, =1.81, =1.81, =1.81, =1.81, =1.83 and more Source cves: CVE-2026-5598 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16074609...

9.9CVSS5.8AI score0.00691EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/15 10:13 a.m.6 views

app.cash.bittycity:outie (=0.0.1), app.cash.bittycity:outie-jooq-provider (=0.0.1) +1449 more potentially affected by CVE-2026-5598 via org.bouncycastle:bcprov-jdk15to18 (>=1.71 <=1.83)

org.bouncycastle:bcprov-jdk15to18 MAVEN version =1.71, =0.0.2, =0.0.2.1, =0.2.9, =0.2.8, =0.2.8, =0.2.8, =0.1.0-M36, =0.1.0-M27, =1.0.1, =3.5.0.0, =3.5.5.3 - cn.lnkdoc.sdk:awesome-uia-alipay-sdk =3.0.0-RC1 - cn.lnkdoc.sdk:awesome-uia-alipay-sdk-solon-boot-2-starter =3.0.0-RC1 and more Source cves...

9.9CVSS7AI score0.00691EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/04/15 8:59 a.m.13 views

CVE-2026-0636

Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all prov modules. This vulnerability is associated with program files LDAPStoreHelper. This issue affects BC-JAVA: from 1.74 before 1.80.2, from...

6.9CVSS5.8AI score0.00527EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/29 3:41 p.m.11 views

Security Bulletin: IBM® Db2® Federated server is affected by a vulnerability in bcprov-jdk18on and bcpkix-jdk18on (CVE-2025-8916)

Summary IBM® Db2® Federated server is affected by a vulnerability in bcprov-jdk18on and bcpkix-jdk18on. Vulnerability Details CVEID:CVE-2025-8916 DESCRIPTION: Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All API modules,...

6.3CVSS5.9AI score0.0043EPSS
Exploits0Affected Software1
Snyk
Snyk
added 2025/10/24 11:43 p.m.1 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in DisposalDaemon.java. In high-core environments under heavy load, the disposal thread can fall behind and allow excessive memory use. Note This issue was reported for environments...

5.9CVSS7AI score0.00142EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-24555

Malicious code in bioql PyPI...

6.3CVSS6.2AI score0.0043EPSS
Exploits0References4
Snyk
Snyk
added 2025/08/22 9:43 a.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the AESNativeCBC class due to the use of a private instance class, rather than a private static class. An attacker can cause heap exhaustion by triggering excessive memory allocati...

7.1CVSS6.9AI score0.00149EPSS
Exploits0References2
OSV
OSV
added 2025/08/13 12:31 p.m.3 views

GHSA-4CX2-FC23-5WG6 Bouncy Castle for Java bcpkix, bcprov, bcpkix-fips on All (API modules) allows Excessive Allocation

Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bcpkix, bcprov, bcpkix-fips on All API modules allows Excessive Allocation. This vulnerability is associated with program files...

6.3CVSS6.8AI score0.0043EPSS
Exploits0References6
OSV
OSV
added 2025/08/13 10:15 a.m.3 views

DEBIAN-CVE-2025-8916

Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All API modules, Legion of the Bouncy Castle Inc. BC Java bcprov on All API modules, Legion of the Bouncy Castle Inc. BCPKIX FIPS bcpkix-fips on All API modules allows Excessiv...

6.3CVSS6.5AI score0.0043EPSS
Exploits0References1
Snyk
Snyk
added 2025/08/13 9:52 a.m.11 views

Allocation of Resources Without Limits or Throttling

Overview org.bouncycastle:bcprov-ext-jdk15to18 is a Java implementation of cryptographic algorithms. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper processing of large name constraint structures in PKIXCertPathReviewer. An...

6.3CVSS6.8AI score0.0043EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/08/13 9:52 a.m.8 views

com.walterjwhite.java.examples:ssh (=0.0.17), com.walterjwhite.java.modules.linux-builder.modules.cli.providers:cdi (=0.0.17) +23 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-ext-jdk14 (>=1.51 <=1.72)

org.bouncycastle:bcprov-ext-jdk14 MAVEN version =1.51, =0.1.0, =0.1.0, =0.1.2 - io.github.qsy7.java.modules.linux-builder.modules.cli.providers:guice =0.1.0 and more Source cves: CVE-2025-8916 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11789696...

6.3CVSS6.7AI score0.0043EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/13 9:52 a.m.10 views

ae.vigilancer.android-run-app:ae.vigilancer.android-run-app.gradle.plugin (>=1.0.1 <=1.0.2), aero.m-click:mcpdf (>=0.2.3 <=0.2.10) +30376 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-jdk15on (>=1.46 <=1.70)

org.bouncycastle:bcprov-jdk15on MAVEN version =1.46, =1.0.1, =0.2.3, =4.4.0.0, =0.42.1, =0.1.12, =0.1.2, =0.28.0, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.3 and more Source cves: CVE-2025-8916 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11789705...

6.3CVSS6.7AI score0.0043EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/13 9:52 a.m.10 views

com.github.mizosoft.methanol:benchmarks (>=1.1.0 <=1.2.0), com.github.mizosoft.methanol:methanol-testutils (>=1.1.0 <=1.2.0) +35 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-debug-jdk15on (>=1.53 <=1.70)

org.bouncycastle:bcprov-debug-jdk15on MAVEN version =1.53, =1.1.0, =1.1.0, =0.8.635, =0.8.635, =0.8.635, =0.8.635, =0.0.1, =4.4.0, =1.3.8, =1.3.7, =1.3.7, =1.3.8, =1.4.0 - de.ohmesoftware:keytool =0.0.2 and more Source cves: CVE-2025-8916 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11789704...

6.3CVSS6.7AI score0.0043EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/13 9:52 a.m.14 views

org.apache.camel.karaf:camel-as2 (>=4.7.0 <=4.8.9), org.apache.camel.karaf:camel-as2-test (>=4.7.0 <=4.8.9) +6 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-debug-jdk18on (>=1.71 <=1.78)

org.bouncycastle:bcprov-debug-jdk18on MAVEN version =1.71, =4.7.0, =4.7.0, =3.0.0-M1, =3.0.0-M1, =3.2.0, =3.18.0, =3.18.0, =3.18.0, =4.8.9 Source cves: CVE-2025-8916 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11789690...

6.3CVSS6.7AI score0.0043EPSS
Exploits0
Rows per page
Query Builder