Lucene search
K

10 matches found

vulnersOsv
vulnersOsv
added 2018/10/17 4:27 p.m.6 views

ae.vigilancer.android-run-app:ae.vigilancer.android-run-app.gradle.plugin (>=1.0.1 <=1.0.2), aero.m-click:mcpdf (>=0.2.3 <=0.2.4) +6778 more potentially affected by CVE-2016-1000346 via org.bouncycastle:bcprov-jdk15on (>=1.46 <=1.55)

org.bouncycastle:bcprov-jdk15on MAVEN version =1.46, =1.0.1, =0.2.3, =0.42.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.3 and more Source cves: CVE-2016-1000346 Source advisory: OSV:GHSA-FJQM-246C-MWQG...

4.3CVSS6.6AI score0.02284EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2018/10/17 4:27 p.m.7 views

ae.teletronics.nlp:entityextraction (>=1.3 <=1.4), ai.h2o:h2o-app (>=0.1.22 <=0.1.25) +1040 more potentially affected by CVE-2016-1000346 via org.bouncycastle:bcprov-jdk15 (>=1.38 <=1.46)

org.bouncycastle:bcprov-jdk15 MAVEN version =1.38, =1.3, =0.1.22, =0.1.22, =1.0.0, =2.1.0, =1.0.1, =4.2.0, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.0.3, =1.3.3 and more Source cves: CVE-2016-1000346 Source advisory: OSV:GHSA-FJQM-246C-MWQG...

4.3CVSS6.4AI score0.02284EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2018/09/11 7:53 a.m.132 views

Important: Red Hat Security Advisory: Fuse 7.1 security update

An update is now available for Red Hat Fuse. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

9.8CVSS7.7AI score0.96121EPSS
Exploits7References27
OpenVAS
OpenVAS
added 2018/08/02 12:0 a.m.36 views

Ubuntu: Security Advisory (USN-3727-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.0482EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/07/09 12:0 a.m.45 views

Debian DLA-1418-1 : bouncycastle security update

Several security vulnerabilities were found in Bouncy Castle, a Java implementation of cryptographic algorithms. CVE-2016-1000338 DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have...

7.5CVSS6.3AI score0.03174EPSS
Exploits0References9
Debian
Debian
added 2018/07/07 1:56 p.m.37 views

[SECURITY] [DLA 1418-1] bouncycastle security update

Package : bouncycastle Version : 1.49+dfsg-3+deb8u3 CVE ID : CVE-2016-1000338 CVE-2016-1000339 CVE-2016-1000341 CVE-2016-1000342 CVE-2016-1000343 CVE-2016-1000345 CVE-2016-1000346 Several security vulnerabilities were found in Bouncy Castle, a Java implementation of cryptographic algorithms...

7.5CVSS7.4AI score0.03174EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2018/06/07 5:49 a.m.19 views

CVE-2016-1000346

In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are...

4.8CVSS2.7AI score0.02284EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/06/04 9:0 p.m.26 views

CVE-2016-1000346

In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are...

5.6AI score0.02284EPSS
Exploits0References7
CVE
CVE
added 2018/06/04 9:0 p.m.153 views

CVE-2016-1000346

CVE-2016-1000346 is a vulnerability in the Bouncy Castle JCE Provider where, in version 1.55 and earlier, the other party's DH public key was not fully validated during Diffie-Hellman key exchange, enabling potential leakage of private key details. Release 1.56 added parameter checks on the agree...

4.3CVSS5.4AI score0.02284EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2018/06/04 9:0 p.m.29 views

CVE-2016-1000346

In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are...

4.3CVSS6.3AI score0.02284EPSS
Exploits0
Rows per page
Query Builder