Lucene search
K

5 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/10/21 10:58 a.m.11 views

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands are vulnerable to denial of service [CVE-2025-8885], [CVE-2025-8916]

Summary Bouncycastle bcprov is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands are vulnerable to denial of service. This bulletin provides patch information to address the reported...

6.3CVSS6.3AI score0.00505EPSS
Exploits0Affected Software1
Snyk
Snyk
added 2025/08/12 9:40 a.m.9 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submitting specially crafted ASN.1 Object Identifiers, potentially leading to service disruption...

6.3CVSS7AI score0.00505EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2021/04/22 4:16 p.m.4 views

cn.regionsoft:ONE (=2.1.1), co.baiku.boot:ajavaer-cache (=0.3.0-RELEASES) +49 more potentially affected by CVE-2020-26939 via org.bouncycastle:bcprov-ext-jdk16 (>=1.45 <=1.46)

org.bouncycastle:bcprov-ext-jdk16 MAVEN version =1.45, =0.0.1-RELEASE, =0.0.1.RELEASE, =0.0.3.RELEASE, =0.0.1.RELEASE, =0.0.1.RELEASE, =0.0.1.RELEASE, =0.0.3.RELEASE, =0.0.1.RELEASE, =0.0.1.RELEASE, =0.0.1.RELEASE, =0.0.1.RELEASE, =0.0.9.RELEASE and more Source cves: CVE-2020-26939 Source advisor...

5.3CVSS6.7AI score0.00906EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2019/10/29 2:13 p.m.4 views

JSS: OCSP policy "Leaf and Chain" implicitly trusts the root certificate

A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attacks such as Man in the Middle...

7.4CVSS5.7AI score0.00859EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2013/10/16 4:45 p.m.8 views

Java: XML signature spoofing

A flaw was found in the way Apache Santuario XML Security for Java validated XML signatures. Santuario allowed a signature to specify an arbitrary canonicalization algorithm, which would be applied to the SignedInfo XML fragment. A remote attacker could exploit this to spoof an XML signature via ...

4.3CVSS5.9AI score0.0593EPSS
Exploits1References5
Rows per page
Query Builder