Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla nss vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-7805
During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current buffer, causing the allocation of a new buffer. This leav...
Mozilla Firefox 56.0
Mozilla Firefox Esr 52.4.0
Mozilla Thunderbird 52.4.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.6
CVSSv2
CVE-2017-11697
The __hash_open function in hash.c:229 in Mozilla Network Security Services (NSS) allows context-dependent malicious users to cause a denial of service (floating point exception and crash) via a crafted cert8.db file.
Mozilla Network Security Services -
4.6
CVSSv2
CVE-2017-11698
Heap-based buffer overflow in the __get_page function in lib/dbm/src/h_page.c in Mozilla Network Security Services (NSS) allows context-dependent malicious users to have unspecified impact using a crafted cert8.db file.
Mozilla Network Security Services -
4.6
CVSSv2
CVE-2017-11695
Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent malicious users to have unspecified impact using a crafted cert8.db file.
Mozilla Network Security Services -
4.6
CVSSv2
CVE-2017-11696
Heap-based buffer overflow in the __hash_open function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent malicious users to have unspecified impact using a crafted cert8.db file.
Mozilla Network Security Services -
5
CVSSv2
CVE-2017-7502
Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker.
Mozilla Network Security Services 3.25.0
Mozilla Network Security Services 3.29.1
Mozilla Network Security Services 3.29.0
Mozilla Network Security Services 3.30.0
Mozilla Network Security Services 3.29.2
Mozilla Network Security Services 3.25.1
Mozilla Network Security Services 3.28.1
Mozilla Network Security Services 3.26.2
Mozilla Network Security Services 3.30.1
Mozilla Network Security Services 3.24.0
Mozilla Network Security Services 3.27.0
Mozilla Network Security Services 3.29.3
Mozilla Network Security Services 3.28.0
Mozilla Network Security Services 3.27.2
Mozilla Network Security Services 3.28.3
Mozilla Network Security Services 3.28.2
Mozilla Network Security Services 3.27.1
Mozilla Network Security Services 3.26.0
7.5
CVSSv2
CVE-2016-1951
Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable Runtime (NSPR) prior to 4.12 allow remote malicious users to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long string to a PR_*printf function.
Mozilla Netscape Portable Runtime
4.4
CVSSv2
CVE-2016-1963
The FileReader class in Mozilla Firefox prior to 45.0 allows local users to gain privileges or cause a denial of service (memory corruption) by changing a file during a FileReader API read operation.
Mozilla Firefox
6.8
CVSSv2
CVE-2016-1950
Heap-based buffer overflow in Mozilla Network Security Services (NSS) prior to 3.19.2.3 and 3.20.x and 3.21.x prior to 3.21.1, as used in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7, allows remote malicious users to execute arbitrary code via crafted ASN.1 da...
Mozilla Network Security Services 3.21
Mozilla Network Security Services 3.19.2
Mozilla Network Security Services 3.20
Mozilla Network Security Services 3.20.1
Mozilla Firefox
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.0
Oracle Linux 5.0
Oracle Vm Server 3.2
Oracle Linux 7
Oracle Linux 6
6.8
CVSSv2
CVE-2016-1952
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vector...
Oracle Linux 6
Oracle Linux 5.0
Oracle Linux 7
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Novell Suse Package Hub For Suse Linux Enterprise 12
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.0
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-35229
privilege escalation
local users
CVE-2024-5405
CVE-2024-27842
CVE-2024-5274
CVE-2024-5378
CVE-2024-34152
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »