Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
botan vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2018-20187
A side-channel issue exists in Botan prior to 2.9.0. An attacker capable of precisely measuring the time taken for ECC key generation may be able to derive information about the high bits of the secret key, as the function to derive the public point from the secret scalar uses an...
Botan Project Botan
5.9
CVSSv3
CVE-2018-12435
Botan 2.5.0 up to and including 2.6.0 prior to 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ec_group/ec_group.cpp, and ecdsa/ecdsa.cpp. To discover an ECDSA key, the attacker nee...
Botan Project Botan
7.5
CVSSv3
CVE-2015-7825
botan prior to 1.11.22 improperly validates certificate paths, which allows remote malicious users to cause a denial of service (infinite loop and memory consumption) via a certificate with a loop in the certificate chain.
Botan Project Botan
9.8
CVSSv3
CVE-2018-9127
Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a ...
Botan Project Botan
9.8
CVSSv3
CVE-2017-2801
A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server applic...
Botan Project Botan 2.0.1
5.9
CVSSv3
CVE-2021-40529
The ElGamal implementation in Botan up to and including 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public...
Botan Project Botan
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Mozilla Thunderbird
NA
CVE-2006-3323
PHP remote file inclusion vulnerability in admin/admin.php in MF Piadas 1.0 allows remote malicious users to execute arbitrary PHP code via the page parameter. NOTE: the same vector can be used for cross-site scripting, but CVE analysis suggests that this is resultant from file i...
Mastersfusion Mf Piadas 1.0
2 EDB exploits
NA
CVE-2006-1034
Multiple cross-site scripting (XSS) vulnerabilities in Woltlab Burning Board (wBB) allow remote malicious users to inject arbitrary web script or HTML via (1) the username parameter to galerie_index.php and possibly (2) galerie_onfly.php. NOTE: the provenance of this information ...
Woltlab Burning Board 1.1.1
Woltlab Burning Board 2.0 Beta 4
Woltlab Burning Board 2.3.1
Woltlab Burning Board 2.4
Woltlab Burning Board 2.6
Woltlab Burning Board 2.0 Beta 3
Woltlab Burning Board 2.3.3
Woltlab Burning Board 2.5
Woltlab Burning Board 2.0 Beta 5
Woltlab Burning Board 2.0 Rc1
Woltlab Burning Board 2.0 Rc2
Woltlab Burning Board 2.2.2
Woltlab Burning Board 2.7
2 EDB exploits
NA
CVE-2006-1835
Cross-site scripting (XSS) vulnerability in yearcal.php in Calendarix allows remote malicious users to inject arbitrary web script or HTML via the ycyear parameter.
Vincent Hor Calendarix 0.6.2005-08-30
Vincent Hor Calendarix Advanced 1.5.2005-05-01
1 EDB exploit
NA
CVE-2006-1099
PHP remote file include vulnerability in logIT 1.3 and 1.4 allows remote malicious users to execute arbitrary PHP code via a URL in the pg parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Logit Logit 1.3
Logit Logit 1.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »