CVE-2025-14813 GOSTCTR implementation unable to process more than 255 blocks correctly

: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all core modules. This vulnerability is associated with program files G3413CTRBlockCipher. This issue affects BC-JAVA: from 1.59 before 1.80.2, from 1.81 before 1.81.1, from 1.82...

Malicious code in crypto-provider (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 21ee45d9d771c938c2a2830fda64f84172fe28c001cb1dd2d725b2c05ea39068 The OpenSSF Package Analysis project identified 'crypto-provider' @ 0.3.4 npm as malicious. It is considered malicious because: - The package...

MAL-2025-3715 Malicious code in crypto-provider (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 21ee45d9d771c938c2a2830fda64f84172fe28c001cb1dd2d725b2c05ea39068 The OpenSSF Package Analysis project identified 'crypto-provider' @ 0.3.4 npm as malicious. It is considered malicious because: - The package...

ae.vigilancer.android-run-app:ae.vigilancer.android-run-app.gradle.plugin (>=1.0.1 <=1.0.2), am.ik.home:uaa-server (>=1.0.0 <=1.2.0) +1386 more potentially affected by CVE-2018-5382 via org.bouncycastle:bcprov-jdk15on (>=1.46 <=1.49)

org.bouncycastle:bcprov-jdk15on MAVEN version =1.46, =1.0.1, =1.0.0, =1.1.7, =1.1.9, =1.0.0, =2.0.7, =3.6.1, =3.11.0, =3.19.0 and more Source cves: CVE-2018-5382 Source advisory: OSV:GHSA-8477-3V39-GGPM...

GHSA-M26P-M559-G5J5 Legion of the Bouncy Castle Java Cryptography API Bleichenbacher Oracle Vulnerability

The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."...

Denial Of Service (DoS)

openjdk is vulnerable to denial of service. It was discovered that crypto provider implementations in the JCE component of OpenJDK for crypto algorithms such as AES or SHA did not perform array bounds checks. This can lead to out-of-bounds access if compiler intrinsics were used instead of the Ja...

Veeam ONE installation fails with "Couldn't create crypto provider" message

Challenge Veeam ONE installation fails with "Couldn't create crypto provider" message. Cause One of the known issues with Microsoft update 3000850 as per this MS KB article is the following: Opening Credential Manager fails with error 0x80090345", that also affects creating the crypto provider...

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2013:1663-1)

Update to icedtea 2.4.3 bnc846999 synchronized OpenJDK 7 support with the upstream u45 b31 fixes the following issues : - S8006900, CVE-2013-3829: Add new date/time capability - S8008589: Better MBean permission validation - S8011071, CVE-2013-5780: Better crypto provider handling - S8011081,...

SuSE 11.2 Security Update : OpenJDK 1.6 (SAT Patch Number 8598)

OpenJDK 1.6 was updated to the new Icedtea release 1.12.7, which includes many fixes for bugs and security issues : - S8006900, CVE-2013-3829: Add new date/time capability - S8008589: Better MBean permission validation - S8011071, CVE-2013-5780: Better crypto provider handling - S8011081,...

CVE-2009-2137

Memory leak in the Ultra-SPARC T2 crypto provider device driver aka n2cp in Sun Solaris 10, and OpenSolaris snv54 through snv112, allows context-dependent attackers to cause a denial of service memory consumption via unspecified vectors related to a large keylen value...

CVE-2009-2137

Memory leak in the Ultra-SPARC T2 crypto provider device driver aka n2cp in Sun Solaris 10, and OpenSolaris snv54 through snv112, allows context-dependent attackers to cause a denial of service memory consumption via unspecified vectors related to a large keylen value...

CVE-2009-2137

The CVE-2009-2137 issue is a memory leak in the Ultra-SPARC T2 crypto provider device driver (n2cp) on Sun Solaris 10 and OpenSolaris (snv_54–snv_112). The vulnerability allows context-dependent attackers to cause a denial of service through memory consumption triggered by very large keylen value...

DEBIAN-CVE-2007-6721

The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."...

PT-2009-1169 · Bouncy Castle · Crypto Provider Package +1

Name of the Vulnerable Software and Affected Versions: Bouncy Castle Java Cryptography API versions prior to 1.38 Crypto Provider Package versions prior to 1.36 Description: The issue is related to a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes, which has...

CVE-2006-3968

The crypto provider in Sun Solaris 10 3/05 HW2 without patch 121236-01, when running on Sun Fire T2000 platforms, incorrectly verifies a DSA signature, which might prevent applications from detecting that the data has been modified...

CVE-2006-3968

CVE-2006-3968 affects Sun Solaris 10 (3/05 HW2) on Sun Fire T2000 platforms. The crypto provider fails to correctly verify DSA signatures, which might allow data modification to go undetected. Root cause is incorrect DSA signature verification in the Solaris crypto provider when running on affect...

CVE-2006-3968

The crypto provider in Sun Solaris 10 3/05 HW2 without patch 121236-01, when running on Sun Fire T2000 platforms, incorrectly verifies a DSA signature, which might prevent applications from detecting that the data has been modified...