Security Bulletin: multiple vulerability in IBM Spectrum Symphony with Bouncy Castle Java API

Summary multiple vulerability in IBM Spectrum Symphony with Bouncy Castle Java TLS API Vulnerability Details CVEID:CVE-2025-8916 DESCRIPTION: Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All API modules, Legion of the...

Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")

An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing...

PT-2024-23223

Name of the Vulnerable Software and Affected Versions Bouncy Castle Java TLS API and JSSE Provider versions prior to 1.78 Description An issue may cause timing-based leakage in RSA based handshakes due to exception processing. Recommendations For versions prior to 1.78, update to version 1.78 or...

CVE-2011-1175

tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before 1.6.1.23, 1.6.2.x before 1.6.2.17.1, and 1.8.x before 1.8.3.1 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash by establishing many short TCP sessions to services that use a certain...

CVE-2011-1175

tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before 1.6.1.23, 1.6.2.x before 1.6.2.17.1, and 1.8.x before 1.8.3.1 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash by establishing many short TCP sessions to services that use a certain...