Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla nss vulnerabilities and exploits
(subscribe to this query)
516
VMScore
CVE-2013-5606
The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Network Security Services (NSS) 3.15 prior to 3.15.3 provides an unexpected return value for an incompatible key-usage certificate when the CERTVerifyLog argument is valid, which might allow remote malicious users ...
Mozilla Network Security Services 3.15
Mozilla Network Security Services 3.15.1
Mozilla Network Security Services 3.15.2
383
VMScore
CVE-2013-2566
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote malicious users to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.
Oracle Http Server 11.1.1.9.0
Oracle Http Server 12.2.1.2.0
Oracle Http Server 12.1.3.0.0
Oracle Http Server 11.1.1.7.0
Oracle Integrated Lights Out Manager Firmware
Oracle Http Server 12.2.1.1.0
Oracle Communications Application Session Controller
Fujitsu Sparc Enterprise M3000 Firmware
Fujitsu Sparc Enterprise M4000 Firmware
Fujitsu Sparc Enterprise M5000 Firmware
Fujitsu Sparc Enterprise M8000 Firmware
Fujitsu Sparc Enterprise M9000 Firmware
Fujitsu M10-1 Firmware
Fujitsu M10-4 Firmware
Fujitsu M10-4s Firmware
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Mozilla Thunderbird Esr
Mozilla Thunderbird
Mozilla Seamonkey
1 Github repository
383
VMScore
CVE-2013-1620
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote malicious users to conduct distinguishing attacks and...
Mozilla Network Security Services
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
Oracle Glassfish Server 2.1.1
Oracle Iplanet Web Proxy Server 4.0
Oracle Traffic Director 11.1.1.7.0
Oracle Iplanet Web Server 7.0
Oracle Vm Server 3.2
Oracle Glassfish Communications Server 2.0
Oracle Enterprise Manager Ops Center 12.1
Oracle Enterprise Manager Ops Center 12.2
Oracle Iplanet Web Server 6.1
Oracle Enterprise Manager Ops Center 11.1
Oracle Opensso 3.0-03
Oracle Traffic Director 11.1.1.6.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
383
VMScore
CVE-2012-2668
libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and previous versions, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote mal...
Openldap Openldap 2.4.17
Openldap Openldap 2.4.6
Openldap Openldap 2.4.11
Openldap Openldap 2.4.8
Openldap Openldap 2.4.26
Openldap Openldap 2.4.9
Openldap Openldap 2.4.16
Openldap Openldap
Openldap Openldap 2.4.29
Openldap Openldap 2.4.22
Openldap Openldap 2.4.25
Openldap Openldap 2.4.20
Openldap Openldap 2.4.15
Openldap Openldap 2.4.18
Openldap Openldap 2.4.27
Openldap Openldap 2.4.7
Openldap Openldap 2.4.28
Openldap Openldap 2.4.23
Openldap Openldap 2.4.24
Openldap Openldap 2.4.14
Openldap Openldap 2.4.19
Openldap Openldap 2.4.12
383
VMScore
CVE-2011-5094
Mozilla Network Security Services (NSS) 3.x, with certain settings of the SSL_ENABLE_RENEGOTIATION option, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote malicious users to cause a denial of servic...
Mozilla Network Security Services 3.11.2
Mozilla Network Security Services 3.6.1
Mozilla Network Security Services 3.2
Mozilla Network Security Services 3.11.4
Mozilla Network Security Services 3.7.7
Mozilla Network Security Services 3.7.5
Mozilla Network Security Services 3.7.1
Mozilla Network Security Services 3.6
Mozilla Network Security Services 3.2.1
Mozilla Network Security Services 3.9
Mozilla Network Security Services 3.4
Mozilla Network Security Services 3.8
Mozilla Network Security Services 3.4.1
Mozilla Network Security Services 3.11.5
Mozilla Network Security Services 3.7
Mozilla Network Security Services 3.7.2
Mozilla Network Security Services 3.3
Mozilla Network Security Services 3.7.3
Mozilla Network Security Services 3.4.2
Mozilla Network Security Services 3.3.2
Mozilla Network Security Services 3.5
Mozilla Network Security Services 3.11.3
445
VMScore
CVE-2012-0441
The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) prior to 3.13.4, as used in Firefox 4.x up to and including 12.0, Firefox ESR 10.x prior to 10.0.5, Thunderbird 5.0 up to and including 12.0, Thunderbird ESR 10.x prior to 10.0.5, and SeaMonkey p...
Mozilla Network Security Services 3.11.2
Mozilla Seamonkey 2.0.10
Mozilla Seamonkey 1.1.10
Mozilla Network Security Services 3.6.1
Mozilla Seamonkey 2.5
Mozilla Network Security Services 3.2
Mozilla Seamonkey 2.2
Mozilla Seamonkey 2.6
Mozilla Firefox 4.0
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 2.9
Mozilla Seamonkey 2.0.13
Mozilla Seamonkey 2.8
Mozilla Seamonkey 1.1.8
Mozilla Network Security Services 3.11.4
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.1.7
Mozilla Thunderbird 10.0
Mozilla Firefox 8.0
Mozilla Seamonkey 2.7
Mozilla Seamonkey 1.5.0.10
Mozilla Network Security Services 3.7.7
632
VMScore
CVE-2011-3640
Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome prior to 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response w...
Google Chrome
384
VMScore
CVE-2011-3389
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle malicious users...
Opera Opera Browser -
Microsoft Internet Explorer -
Microsoft Windows -
Google Chrome -
Mozilla Firefox -
Siemens Simatic Rf68xr Firmware
Siemens Simatic Rf615r Firmware
Haxx Curl
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server Aus 6.2
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Eus 6.2
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 10.04
2 Github repositories
1 Article
383
VMScore
CVE-2010-3170
Mozilla Firefox prior to 3.5.14 and 3.6.x prior to 3.6.11, Thunderbird prior to 3.0.9 and 3.1.x prior to 3.1.5, and SeaMonkey prior to 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle malici...
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.6
Mozilla Firefox 3.6.10
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6
Mozilla Seamonkey 1.1.10
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.1.8
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.1.7
Mozilla Seamonkey 1.5.0.10
Mozilla Seamonkey 1.0.6
Mozilla Seamonkey 1.0.9
Mozilla Seamonkey 1.1.3
Mozilla Seamonkey 2.0.4
Mozilla Seamonkey 1.0
Mozilla Seamonkey 2.0.3
Mozilla Seamonkey 2.0.2
668
VMScore
CVE-2010-3173
The SSL implementation in Mozilla Firefox prior to 3.5.14 and 3.6.x prior to 3.6.11, Thunderbird prior to 3.0.9 and 3.1.x prior to 3.1.5, and SeaMonkey prior to 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for r...
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.6
Mozilla Firefox 3.6.10
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6
Mozilla Seamonkey 1.1.10
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.1.8
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.1.7
Mozilla Seamonkey 1.5.0.10
Mozilla Seamonkey 1.0.6
Mozilla Seamonkey 1.0.9
Mozilla Seamonkey 1.1.3
Mozilla Seamonkey 2.0.4
Mozilla Seamonkey 1.0
Mozilla Seamonkey 2.0.3
Mozilla Seamonkey 2.0.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »