Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bouncycastle bouncy castle for java vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-13098
BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a ...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
4.3
CVSSv2
CVE-2016-2427
The AES-GCM specification in RFC 5084, as used in Android 5.x and 6.x, recommends 12 octets for the aes-ICVlen parameter field, which might make it easier for malicious users to defeat a cryptographic protection mechanism and discover an authentication key via a crafted applicati...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.54
Google Android 5.1.0
Google Android 6.0.1
Google Android 6.0
Google Android 5.0.1
Google Android 5.0
Google Android 5.1
5
CVSSv2
CVE-2015-7940
The Bouncy Castle Java library prior to 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote malicious users to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve att...
Opensuse Opensuse 13.2
Opensuse Leap 42.1
Opensuse Opensuse 13.1
Bouncycastle Bouncy Castle Crypto Package
Oracle Virtual Desktop Infrastructure 3.5.2
Oracle Enterprise Manager Ops Center 12.1.4
Oracle Peoplesoft Enterprise Peopletools 8.55
Oracle Peoplesoft Enterprise Peopletools 8.54
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Application Testing Suite 12.5.0.2
Oracle Application Testing Suite 12.5.0.3
Oracle Application Testing Suite 12.5.0.1
4
CVSSv2
CVE-2013-1624
The TLS implementation in the Bouncy Castle Java library prior to 1.48 and C# library prior to 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote malicious users to c...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.12
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.11
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.20
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.17
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.04
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.03
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.08
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.07
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.06
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.16
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.13
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.23
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.24
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.32
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.31
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.43
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.44
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.02
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.01
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.05
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.19
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.14
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2