Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bouncycastle legion-of-the-bouncy-castle-java-crytography-api vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2017-13098
BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a ...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
5.5
CVSSv3
CVE-2016-2427
The AES-GCM specification in RFC 5084, as used in Android 5.x and 6.x, recommends 12 octets for the aes-ICVlen parameter field, which might make it easier for malicious users to defeat a cryptographic protection mechanism and discover an authentication key via a crafted applicati...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.54
Google Android 5.1.0
Google Android 6.0.1
Google Android 6.0
Google Android 5.0.1
Google Android 5.0
Google Android 5.1
NA
CVE-2013-1624
The TLS implementation in the Bouncy Castle Java library prior to 1.48 and C# library prior to 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote malicious users to c...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.12
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.11
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.20
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.17
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.04
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.03
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.08
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.07
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.06
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.16
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.13
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.23
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.24
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.32
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.31
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.43
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.44
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.02
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.01
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.05
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.19
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.14
NA
CVE-2007-6721
The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package prior to 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.31
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.30
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.29
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.22
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.21
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.14
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.13
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.05
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.04
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.33
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.32
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.23
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.24
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.16
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.15
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.08
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.07
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.06
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.36
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.28
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.27
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.20
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2