Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bouncycastle legion-of-the-bouncy-castle-java-crytography-api vulnerabilities and exploits
(subscribe to this query)
384
VMScore
CVE-2016-1000346
In the Bouncy Castle JCE Provider version 1.55 and previous versions the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of rel...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
Debian Debian Linux 8.0
383
VMScore
CVE-2016-2427
The AES-GCM specification in RFC 5084, as used in Android 5.x and 6.x, recommends 12 octets for the aes-ICVlen parameter field, which might make it easier for malicious users to defeat a cryptographic protection mechanism and discover an authentication key via a crafted applicati...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.54
Google Android 5.1.0
Google Android 6.0.1
Google Android 6.0
Google Android 5.0.1
Google Android 5.0
Google Android 5.1
356
VMScore
CVE-2013-1624
The TLS implementation in the Bouncy Castle Java library prior to 1.48 and C# library prior to 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote malicious users to c...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.12
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.11
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.20
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.17
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.04
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.03
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.08
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.07
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.06
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.16
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.13
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.23
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.24
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.32
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.31
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.43
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.44
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.02
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.01
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.05
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.19
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.14
320
VMScore
CVE-2018-5382
The default BKS keystore use an HMAC that is only 16 bits long, which can allow an malicious user to compromise the integrity of a BKS keystore. Bouncy Castle release 1.47 changes the BKS format to a format which uses a 160 bit HMAC instead. This applies to any BKS keystore gener...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
Redhat Satellite 6.4
Redhat Satellite Capsule 6.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2