Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla network security services vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2016-1938
The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) prior to 3.21, as used in Mozilla Firefox prior to 44.0, improperly divides numbers, which might make it easier for remote malicious users to defeat cryptographic protection mechanisms by lev...
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Mozilla Nss
Mozilla Firefox
3.7
CVSSv3
CVE-2015-4000
The TLS protocol 1.2 and previous versions, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle malicious users to conduct cipher-downgrade attacks by rewriting a ClientHello with D...
Openssl Openssl
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Hp Hp-ux B.11.31
Ibm Content Manager 8.5
Oracle Jrockit R28.3.6
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Oracle Jdk 1.8.0
Oracle Jre 1.7.0
Oracle Jre 1.6.0
Oracle Jre 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Suse Linux Enterprise Server 11.0
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Desktop 12
Suse Suse Linux Enterprise Server 12
Apple Mac Os X
Apple Iphone Os
1 Nmap script
4 Github repositories
1 Article
NA
CVE-2014-1569
The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) prior to 3.16.2.4 and 3.17.x prior to 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote malicious users to conduct data-smu...
Mozilla Network Security Services 3.16.2.1
Mozilla Network Security Services 3.16.2.0
Mozilla Network Security Services 3.17.2
Mozilla Network Security Services
Mozilla Network Security Services 3.16.2.2
Mozilla Network Security Services 3.17.1
Mozilla Network Security Services 3.17.0
NA
CVE-2014-1544
Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox prior to 31.0, Firefox ESR 24.x prior to 24.7, and Thunderbird prior to 24.7, allows remote malicious users to execute arbitrary c...
Mozilla Firefox Esr 24.6
Mozilla Thunderbird
Mozilla Thunderbird 24.3
Mozilla Thunderbird 24.4
Mozilla Firefox Esr 24.3
Mozilla Firefox Esr 24.4
Mozilla Network Security Services 3.12.1
Mozilla Network Security Services 3.12.10
Mozilla Network Security Services 3.12.5
Mozilla Network Security Services 3.12.6
Mozilla Network Security Services 3.14.3
Mozilla Network Security Services 3.14.4
Mozilla Network Security Services 3.15.5
Mozilla Network Security Services 3.16
Mozilla Network Security Services 3.4.1
Mozilla Network Security Services 3.4.2
Mozilla Network Security Services 3.7.3
Mozilla Network Security Services 3.7.5
Mozilla Thunderbird 24.0.1
Mozilla Thunderbird 24.1
Mozilla Firefox Esr 24.0.2
Mozilla Firefox Esr 24.1.0
NA
CVE-2014-1492
The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) prior to 3.16 accepts a wildcard character that is embedded in an internationalized domain name's U-label, which might allow man-in-the...
Mozilla Network Security Services 3.15.3.1
Mozilla Network Security Services 3.12
Mozilla Network Security Services 3.12.1
Mozilla Network Security Services 3.12.4
Mozilla Network Security Services 3.12.5
Mozilla Network Security Services 3.14.3
Mozilla Network Security Services 3.14.4
Mozilla Network Security Services 3.2.1
Mozilla Network Security Services 3.3
Mozilla Network Security Services 3.6
Mozilla Network Security Services 3.6.1
Mozilla Network Security Services 3.7
Mozilla Network Security Services 3.11.4
Mozilla Network Security Services 3.11.5
Mozilla Network Security Services 3.12.3.1
Mozilla Network Security Services 3.9
Mozilla Network Security Services 3.12.3.2
Mozilla Network Security Services 3.14.1
Mozilla Network Security Services 3.14.2
Mozilla Network Security Services 3.15.3
Mozilla Network Security Services 3.2
Mozilla Network Security Services 3.4.2
NA
CVE-2013-5607
Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) prior to 4.10.2, as used in Firefox prior to 25.0.1, Firefox ESR 17.x prior to 17.0.11 and 24.x prior to 24.1.1, and SeaMonkey prior to 2.22.1, allows remote malicious users to cause a d...
Mozilla Netscape Portable Runtime 4.9.6
Mozilla Netscape Portable Runtime 4.9.5
Mozilla Netscape Portable Runtime 4.8.8
Mozilla Netscape Portable Runtime 4.8.7
Mozilla Netscape Portable Runtime
Mozilla Netscape Portable Runtime 4.10
Mozilla Netscape Portable Runtime 4.9
Mozilla Netscape Portable Runtime 4.8.9
Mozilla Netscape Portable Runtime 4.8.2
Mozilla Netscape Portable Runtime 4.8
Mozilla Netscape Portable Runtime 4.9.2
Mozilla Netscape Portable Runtime 4.9.1
Mozilla Netscape Portable Runtime 4.8.4
Mozilla Netscape Portable Runtime 4.8.3
Mozilla Netscape Portable Runtime 4.7.2
Mozilla Netscape Portable Runtime 4.7.1
Mozilla Netscape Portable Runtime 4.7
Mozilla Netscape Portable Runtime 4.6.2
Mozilla Netscape Portable Runtime 4.6.1
Mozilla Netscape Portable Runtime 4.1.2
Mozilla Netscape Portable Runtime 4.1.1
Mozilla Netscape Portable Runtime 4.7.6
NA
CVE-2013-1741
Integer overflow in Mozilla Network Security Services (NSS) 3.15 prior to 3.15.3 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a large size value.
Mozilla Network Security Services 3.15
Mozilla Network Security Services 3.15.1
Mozilla Network Security Services 3.15.2
NA
CVE-2013-5605
Mozilla Network Security Services (NSS) 3.14 prior to 3.14.5 and 3.15 prior to 3.15.3 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via invalid handshake packets.
Mozilla Network Security Services 3.14
Mozilla Network Security Services 3.14.4
Mozilla Network Security Services 3.15
Mozilla Network Security Services 3.15.1
Mozilla Network Security Services 3.15.2
Mozilla Network Security Services 3.14.3
Mozilla Network Security Services 3.14.2
Mozilla Network Security Services 3.14.1
NA
CVE-2013-5606
The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Network Security Services (NSS) 3.15 prior to 3.15.3 provides an unexpected return value for an incompatible key-usage certificate when the CERTVerifyLog argument is valid, which might allow remote malicious users ...
Mozilla Network Security Services 3.15.1
Mozilla Network Security Services 3.15.2
Mozilla Network Security Services 3.15
5.9
CVSSv3
CVE-2013-2566
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote malicious users to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.
Oracle Communications Application Session Controller
Oracle Http Server 11.1.1.7.0
Oracle Http Server 11.1.1.9.0
Oracle Http Server 12.1.3.0.0
Oracle Http Server 12.2.1.1.0
Oracle Http Server 12.2.1.2.0
Oracle Integrated Lights Out Manager Firmware
Fujitsu Sparc Enterprise M3000 Firmware
Fujitsu Sparc Enterprise M4000 Firmware
Fujitsu Sparc Enterprise M5000 Firmware
Fujitsu Sparc Enterprise M8000 Firmware
Fujitsu Sparc Enterprise M9000 Firmware
Fujitsu M10-1 Firmware
Fujitsu M10-4 Firmware
Fujitsu M10-4s Firmware
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Seamonkey
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »