Vulmon
botan vulnerabilities and exploits
7.5
CVSSv3
CVE-2018-9860
An issue exists in Botan 1.11.32 up to and including 2.x prior to 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of data following the record buffer, aka an over-read. The...
Botan Project Botan
9.8
CVSSv3
CVE-2015-7826
botan 1.11.x prior to 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote malicious users to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com.
Botan Project Botan
7.5
CVSSv3
CVE-2017-7252
bcrypt password hashing in Botan prior to 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for malicious users to determine the cleartext password.
Botan Project Botan
9.8
CVSSv3
CVE-2016-6878
The Curve25519 code in botan prior to 1.11.31, on systems without a native 128-bit integer type, might allow malicious users to have unspecified impact via vectors related to undefined behavior, as demonstrated on 32-bit ARM systems compiled by Clang.
Botan Project Botan
9.8
CVSSv3
CVE-2017-2801
A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server applic...
Botan Project Botan 2.0.1
5.9
CVSSv3
CVE-2021-40529
The ElGamal implementation in Botan up to and including 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public...
Botan Project Botan
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Mozilla Thunderbird
NA
CVE-2006-1034
Multiple cross-site scripting (XSS) vulnerabilities in Woltlab Burning Board (wBB) allow remote malicious users to inject arbitrary web script or HTML via (1) the username parameter to galerie_index.php and possibly (2) galerie_onfly.php. NOTE: the provenance of this information ...
Woltlab Burning Board 2.4
Woltlab Burning Board 2.7
Woltlab Burning Board 1.1.1
Woltlab Burning Board 2.0 Beta 4
Woltlab Burning Board 2.2.2
Woltlab Burning Board 2.3.3
Woltlab Burning Board 2.3.1
Woltlab Burning Board 2.0 Beta 3
Woltlab Burning Board 2.5
Woltlab Burning Board 2.6
Woltlab Burning Board 2.0 Rc1
Woltlab Burning Board 2.0 Beta 5
Woltlab Burning Board 2.0 Rc2
2 EDB exploits
NA
CVE-2006-3323
PHP remote file inclusion vulnerability in admin/admin.php in MF Piadas 1.0 allows remote malicious users to execute arbitrary PHP code via the page parameter. NOTE: the same vector can be used for cross-site scripting, but CVE analysis suggests that this is resultant from file i...
Mastersfusion Mf Piadas 1.0
2 EDB exploits
NA
CVE-2006-1013
PHP remote file include vulnerability in index.php in SMartBlog (aka SMBlog) 1.2 allows remote malicious users to include and execute arbitrary PHP files via (1) the pg parameter and (2) a query string without a parameter.
Smartblog Smartblog 1.2
1 EDB exploit
NA
CVE-2006-1584
Unspecified vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote malicious users to inject arbitrary web script or HTML via the page parameter, possibly related to fopen function calls or file uploads. NOTE: post-disclosure analysis by CVE suggests ...
Juliusz Julas Gonera Warcraft Iii Replay Parser Php 1.8c
1 EDB exploit