botan vulnerabilities and exploits
668
VMScore
CVE-2021-24115
In Botan prior to 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex).
Botan Project Botan
668
VMScore
CVE-2018-9127
Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a ...
Botan Project Botan
668
VMScore
CVE-2017-2801
A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server applic...
Botan Project Botan 2.0.1
668
VMScore
CVE-2016-6878
The Curve25519 code in botan prior to 1.11.31, on systems without a native 128-bit integer type, might allow malicious users to have unspecified impact via vectors related to undefined behavior, as demonstrated on 32-bit ARM systems compiled by Clang.
Botan Project Botan
668
VMScore
CVE-2015-7826
botan 1.11.x prior to 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote malicious users to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com.
Botan Project Botan
668
VMScore
CVE-2016-9132
In Botan 1.8.0 up to and including 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which later causes memor...
Botan Project Botan 1.10.7
Botan Project Botan 1.9.9
Botan Project Botan 1.11.18
Botan Project Botan 1.9.17
Botan Project Botan 1.11.0
Botan Project Botan 1.10.9
Botan Project Botan 1.11.21
Botan Project Botan 1.11.26
Botan Project Botan 1.8.4
Botan Project Botan 1.11.32
Botan Project Botan 1.10.15
Botan Project Botan 1.11.19
Botan Project Botan 1.9.10
Botan Project Botan 1.10.12
Botan Project Botan 1.8.0
Botan Project Botan 1.9.3
Botan Project Botan 1.11.12
Botan Project Botan 1.9.4
Botan Project Botan 1.10.8
Botan Project Botan 1.9.8
Botan Project Botan 1.8.13
Botan Project Botan 1.9.13
645
VMScore
CVE-2006-1584
Unspecified vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote malicious users to inject arbitrary web script or HTML via the page parameter, possibly related to fopen function calls or file uploads. NOTE: post-disclosure analysis by CVE suggests ...
Juliusz Julas Gonera Warcraft Iii Replay Parser Php 1.8c
1 EDB exploit
505
VMScore
CVE-2006-2119
PHP remote file inclusion vulnerability in event/index.php in Artmedic Event allows remote malicious users to execute arbitrary code via a URL in the page parameter.
Artmedic Webdesign Artmedic Event
1 EDB exploit
505
VMScore
CVE-2006-1497
Directory traversal vulnerability in index.php in ViHor Design allows remote malicious users to read arbitrary files via the page parameter.
Vihor Vihordesign 1.0.6
1 EDB exploit
445
VMScore
CVE-2018-9860
An issue exists in Botan 1.11.32 up to and including 2.x prior to 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of data following the record buffer, aka an over-read. The...
Botan Project Botan