Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla nss vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-7805
During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current buffer, causing the allocation of a new buffer. This leav...
Mozilla Firefox 56.0
Mozilla Firefox Esr 52.4.0
Mozilla Thunderbird 52.4.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
NA
CVE-2007-0009
Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) prior to 3.11.5, as used by Firefox prior to 1.5.0.10 and 2.x prior to 2.0.0.2, Thunderbird prior to 1.5.0.10, SeaMonkey prior to 1.0.8, and certain Sun Java System server products prior t...
Mozilla Firefox
Mozilla Network Security Services
Mozilla Seamonkey
Mozilla Thunderbird
Debian Debian Linux 4.0
Debian Debian Linux 3.1
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
8.8
CVSSv3
CVE-2022-34480
Within the <code>lg_init()</code> function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox < 102.
Mozilla Firefox
7.5
CVSSv3
CVE-2019-17007
In Network Security Services prior to 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service.
Mozilla Network Security Services
Siemens Ruggedcom Rox Mx5000 Firmware
Siemens Ruggedcom Rox Rx1400 Firmware
Siemens Ruggedcom Rox Rx1500 Firmware
Siemens Ruggedcom Rox Rx1501 Firmware
Siemens Ruggedcom Rox Rx1510 Firmware
Siemens Ruggedcom Rox Rx1511 Firmware
Siemens Ruggedcom Rox Rx1512 Firmware
Siemens Ruggedcom Rox Rx5000 Firmware
7.8
CVSSv3
CVE-2017-11697
The __hash_open function in hash.c:229 in Mozilla Network Security Services (NSS) allows context-dependent malicious users to cause a denial of service (floating point exception and crash) via a crafted cert8.db file.
Mozilla Network Security Services -
5.9
CVSSv3
CVE-2009-2408
Mozilla Network Security Services (NSS) prior to 3.12.3, Firefox prior to 3.0.13, Thunderbird prior to 2.0.0.23, and SeaMonkey prior to 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, ...
Mozilla Network Security Services
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Suse Linux Enterprise Server 9
Suse Linux Enterprise 11.0
Suse Linux Enterprise 10.0
Opensuse Opensuse
Debian Debian Linux 5.0
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
NA
CVE-2007-0775
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox prior to 1.5.0.10 and 2.x prior to 2.0.0.2, Thunderbird prior to 1.5.0.10, and SeaMonkey prior to 1.0.8 allow remote malicious users to cause a denial of service (crash) and potentially execute arbitrary...
Mozilla Firefox 1.0
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0.7
Mozilla Firefox 1.0.8
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.0.7
Mozilla Firefox 1.5.0.8
Mozilla Firefox 2.0
Mozilla Seamonkey 1.0.6
Mozilla Seamonkey 1.0.7
Mozilla Thunderbird 1.0.8
Mozilla Thunderbird 1.5
Mozilla Firefox 1.0.2
Mozilla Firefox 1.0.3
Mozilla Firefox 1.5
Mozilla Firefox 1.5.0.1
Mozilla Firefox 1.5.0.9
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.0.1
Mozilla Firefox 1.0.6
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.0.5
NA
CVE-2007-0779
GUI overlay vulnerability in Mozilla Firefox 1.5.x prior to 1.5.0.10 and 2.x prior to 2.0.0.2, and SeaMonkey prior to 1.0.8 allows remote malicious users to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a l...
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
Mozilla Firefox 0.9 Rc
Mozilla Firefox 1.0.6
Mozilla Firefox 1.0.7
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.6
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.1
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.0.4
Mozilla Seamonkey 1.0
Mozilla Firefox 0.8
Mozilla Firefox 0.9.1
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.5
Mozilla Firefox 1.5.0.3
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.8
Mozilla Firefox 1.5
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.0.2
7.8
CVSSv3
CVE-2017-11695
Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent malicious users to have unspecified impact using a crafted cert8.db file.
Mozilla Network Security Services -
7.8
CVSSv3
CVE-2017-11696
Heap-based buffer overflow in the __hash_open function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent malicious users to have unspecified impact using a crafted cert8.db file.
Mozilla Network Security Services -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »