EUVD-2018-0703

Malware in sbrugna...

EUVD-2018-0476

Malware in sbrugna...

EUVD-2006-6403

Malware in sbrugna...

EUVD-2018-0591

Malware in sbrugna...

EUVD-2006-6149

Malware in sbrugna...

EUVD-2015-2693

Malware in sbrugna...

EUVD-2018-0562

Malware in sbrugna...

EUVD-2018-0506

Malware in sbrugna...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write via the JCE Cipher.doFinal function in org/bouncycastle/jcajce/provider/BaseCipher when the same byte array is used for both input and output during native encrypt or decrypt operations. An attacker can cause data...

Linux Distros Unpatched Vulnerability : CVE-2016-1000343

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. If the JCA key...

Linux Distros Unpatched Vulnerability : CVE-2016-1000344

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for...

Linux Distros Unpatched Vulnerability : CVE-2016-1000339

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. Due to the highly table driven approach used...

CVE-2009-3194

Cross-site scripting XSS vulnerability in index.php in JCE-Tech SearchFeed Script allows remote attackers to inject arbitrary web script or HTML via the search parameter...

CVE-2009-3198

Cross-site scripting XSS vulnerability in search.php in JCE-Tech Affiliate Master Datafeed Parser Script 2.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter...

CVE-2009-3197

Cross-site scripting XSS vulnerability in search.php in JCE-Tech PHP Calendars Script allows remote attackers to inject arbitrary web script or HTML via the search parameter...

CVE-2009-3196

Cross-site scripting XSS vulnerability in index.php in JCE-Tech PHP Video Script allows remote attackers to inject arbitrary web script or HTML via the key parameter...

CVE-2009-3195

Multiple cross-site scripting XSS vulnerabilities in JCE-Tech Auction RSS Content Script 3.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to 1 rss.php and 2 search.php...

[SECURITY] Fedora 40 Update: jss-5.5.0-1.fc40.1

Java Security Services JSS is a java native interface which provides a brid ge for java-based applications to use native Network Security Services NSS. This only works with gcj. Other JREs require that JCE providers be signed...

[SECURITY] Fedora 40 Update: bouncycastle-1.70-13.fc40

The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8...

The vulnerability of Java Secure Socket Extension (JSSE) and IBMJCEPlus, components of the IBM SDK Java Technology development environment, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Java Secure Socket Extension JSSE and IBMJCEPlus, part of the IBM SDK Java Technology development tools, is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow an attacker, operating remotely, to gain...