Filtered by vendor Botan Project
Subscribe
Total
25 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-7827 | 3 Botan Project, Debian, Fedoraproject | 3 Botan, Debian Linux, Fedora | 2016-06-09 | 5.0 MEDIUM | 7.5 HIGH |
Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding. | |||||
CVE-2016-2196 | 1 Botan Project | 1 Botan | 2016-05-16 | 10.0 HIGH | 9.8 CRITICAL |
Heap-based buffer overflow in the P-521 reduction function in Botan 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (memory overwrite and crash) or execute arbitrary code via unspecified vectors. | |||||
CVE-2015-5726 | 2 Botan Project, Debian | 2 Botan, Debian Linux | 2016-05-16 | 5.0 MEDIUM | 7.5 HIGH |
The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data. | |||||
CVE-2014-9742 | 1 Botan Project | 1 Botan | 2016-05-16 | 5.0 MEDIUM | 7.5 HIGH |
The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group. | |||||
CVE-2015-5727 | 2 Botan Project, Debian | 2 Botan, Debian Linux | 2016-05-13 | 7.8 HIGH | 7.5 HIGH |
The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field. |