Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

28 matches found

OSV
OSVadded 2015/02/28 2:59 a.m.0 views

UBUNTU-CVE-2015-0886

Integer overflow in the cryptraw method in the key-stretching implementation in jBCrypt before 0.4 makes it easier for remote attackers to determine cleartext values of password hashes via a brute-force attack against hashes associated with the maximum exponent...

5CVSS7.4AI score0.04803EPSS
Exploits0References6
Cvelist
Cvelistadded 2015/02/28 2:0 a.m.20 views

CVE-2015-0886

Integer overflow in the cryptraw method in the key-stretching implementation in jBCrypt before 0.4 makes it easier for remote attackers to determine cleartext values of password hashes via a brute-force attack against hashes associated with the maximum exponent...

5.5AI score0.04803EPSS
Exploits0References10
CVE
CVEadded 2015/02/28 2:0 a.m.325 views

CVE-2015-0886

CVE-2015-0886: Integer overflow in the crypt_raw function of jBCrypt’s key-stretching implementation (affecting versions before 0.4) can allow a remote attacker to more easily brute-force and determine cleartext values of password hashes associated with the maximum exponent. Impact is that passwo...

5CVSS5.4AI score0.04803EPSS
Exploits0References10Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2015/02/27 5:3 a.m.1 views

Vulnerability in the jBCrypt key stretching process

Overview jBCrypt is a Java implementation to compute password hashes. jBCrypt contains an integer overflow vulnerability in the key stretching process. An integer overflow occurs when the parameter for the repetition count is set to the maximum value allowed, 31. Norito AGETSUMA reported this...

5CVSS7AI score0.04803EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2015/02/27 12:0 a.m.33 views

JVN#77718330: Vulnerability in the jBCrypt key stretching process

jBCrypt is a Java implementation to compute password hashes. jBCrypt contains an integer overflow vulnerability in the key stretching process. An integer overflow occurs when the parameter for the repetition count is set to the maximum value allowed, 31. Impact When the hash value for a password ...

5CVSS5.4AI score0.04803EPSS
Exploits0
FreeBSD
FreeBSDadded 2015/01/30 12:0 a.m.20 views

cassandra3 -- jBCrypt integer overflow

mindrot project reports: There is an integer overflow that occurs with very large logrounds values, first reported by Marcus Rathsfeld...

5CVSS9.4AI score0.04803EPSS
Exploits0References1
securityvulns
securityvulnsadded 2010/02/04 12:0 a.m.20 views

jBCrypt library cryptographic vulnerability

non-ASCII characters are converted to '?' befor hash calculation...

2.4AI score
Exploits0References1Affected Software1
securityvulns
securityvulnsadded 2010/02/04 12:0 a.m.62 views

Advisory: jBCrypt < 0.3 character encoding vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 jBCrypt security advisory ========================= jBCrypt is a Java implementation of OpenBSD's Blowfish password hashing algorithm, as described in "A Future-Adaptable Password Scheme" by Niels Provos and David Mazieres USENIX, 1999. Versions of...

Exploits0
Rows per page
Query Builder