Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bouncycastle bouncy castle crypto package vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2020-15522
Bouncy Castle BC Java prior to 1.66, BC C# .NET prior to 1.8.7, BC-FJA prior to 1.0.1.2, 1.0.2.1, and BC-FNA prior to 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information fo...
Bouncycastle Legion-of-the-bouncy-castle-fips-java-api
Bouncycastle Bc-csharp
Bouncycastle Bouncy Castle Fips .net Api
Bouncycastle The Bouncy Castle Crypto Package For Java
2 Github repositories
NA
CVE-2015-7940
The Bouncy Castle Java library prior to 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote malicious users to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve att...
Opensuse Leap 42.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Bouncycastle Bouncy Castle Crypto Package
Oracle Peoplesoft Enterprise Peopletools 8.54
Oracle Virtual Desktop Infrastructure 3.5.2
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Application Testing Suite 12.5.0.2
Oracle Application Testing Suite 12.5.0.1
Oracle Enterprise Manager Ops Center 12.1.4
Oracle Application Testing Suite 12.5.0.3
Oracle Peoplesoft Enterprise Peopletools 8.55
NA
CVE-2007-6721
The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package prior to 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.01
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.02
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.03
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.04
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.05
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.06
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.07
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.08
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.09
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.10
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.11
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.12
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.13
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.14
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.15
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.16
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.17
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.18
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.19
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.20
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.21
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started