Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla nss 3.7 vulnerabilities and exploits
(subscribe to this query)
4.7
CVSSv3
CVE-2020-12401
During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for Android < 80.
Mozilla Firefox
8.8
CVSSv3
CVE-2019-11756
Improper refcounting of soft token session objects could cause a use-after-free and crash (likely limited to a denial of service). This vulnerability affects Firefox < 71.
Mozilla Firefox
NA
CVE-2004-0826
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote malicious users to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
Netscape Enterprise Server 3.5
Sun One Web Server 4.1
Mozilla Network Security Services 3.6.1
Mozilla Network Security Services 3.2
Netscape Enterprise Server 4.0
Sun One Web Server 6.0
Sun One Application Server 6.0
Sun Java System Application Server 7.0
Sun One Web Server 6.1
Netscape Directory Server 4.1
Mozilla Network Security Services 3.7.7
Mozilla Network Security Services 3.7.5
Mozilla Network Security Services 3.7.1
Netscape Enterprise Server 4.1.1
Netscape Enterprise Server 3.6
Netscape Enterprise Server 4.1
Netscape Directory Server 1.3
Mozilla Network Security Services 3.6
Netscape Directory Server 3.1
Netscape Enterprise Server 2.0a
Mozilla Network Security Services 3.2.1
Netscape Certificate Server 1.0
4.4
CVSSv3
CVE-2020-12402
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the rec...
Mozilla Firefox
Opensuse Leap 15.1
Fedoraproject Fedora 32
Opensuse Leap 15.2
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2019-17023
After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Fi...
Mozilla Firefox
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2019-17006
In Network Security Services (NSS) prior to 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.
Siemens Ruggedcom Rox Mx5000 Firmware
Siemens Ruggedcom Rox Rx1400 Firmware
Siemens Ruggedcom Rox Rx1500 Firmware
Siemens Ruggedcom Rox Rx1501 Firmware
Siemens Ruggedcom Rox Rx1510 Firmware
Siemens Ruggedcom Rox Rx1511 Firmware
Siemens Ruggedcom Rox Rx1512 Firmware
Siemens Ruggedcom Rox Rx5000 Firmware
Mozilla Network Security Services
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node -
Netapp Hci Compute Node -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2