CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-1624

Malicious code in bioql PyPI...

5.9CVSS6.8AI score0.0049EPSS

Exploits0References38

Github Security Blog•added 2022/04/22 12:24 a.m.•45 views

Use of a Broken or Risky Cryptographic Algorithm in Apache WSS4J

The implementations of PKCS1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack...

5.9CVSS2.5AI score0.0049EPSS

Exploits0References37Affected Software2

NVD•added 2020/03/11 4:15 p.m.•24 views

CVE-2011-2487

The implementations of PKCS1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack...

5.9CVSS5.9AI score0.0049EPSS

Exploits0References18

Prion•added 2020/03/11 4:15 p.m.•22 views

Design/Logic Flaw

The implementations of PKCS1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack...

4.3CVSS6.8AI score0.0049EPSS

Exploits0References18Affected Software7

CVE•added 2020/03/11 3:45 p.m.•122 views

CVE-2011-2487

CVE-2011-2487 is referenced by GitHub advisory GHSA-vjwc-5HFH-2VV5, which notes that Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 leak information about decryption failures when decrypting an encrypted key or message data, making it easier to recover plaintext keys via crafted messages. The ...

5.9CVSS5.7AI score0.0049EPSS

Exploits0References18Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by