Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla nss vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2020-6829
When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been com...
Mozilla Firefox
107
VMScore
CVE-2020-12400
When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack. This vulnerability affects Firefox < 80 and Firefox for Android < 80.
Mozilla Firefox
828
VMScore
CVE-2007-0777
The JavaScript engine in Mozilla Firefox prior to 1.5.0.10 and 2.x prior to 2.0.0.2, Thunderbird prior to 1.5.0.10, and SeaMonkey prior to 1.0.8 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger...
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 5.10
383
VMScore
CVE-2013-2566
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote malicious users to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.
Oracle Http Server 11.1.1.9.0
Oracle Http Server 12.2.1.2.0
Oracle Http Server 12.1.3.0.0
Oracle Http Server 11.1.1.7.0
Oracle Integrated Lights Out Manager Firmware
Oracle Http Server 12.2.1.1.0
Oracle Communications Application Session Controller
Fujitsu Sparc Enterprise M3000 Firmware
Fujitsu Sparc Enterprise M4000 Firmware
Fujitsu Sparc Enterprise M5000 Firmware
Fujitsu Sparc Enterprise M8000 Firmware
Fujitsu Sparc Enterprise M9000 Firmware
Fujitsu M10-1 Firmware
Fujitsu M10-4 Firmware
Fujitsu M10-4s Firmware
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Mozilla Thunderbird Esr
Mozilla Thunderbird
Mozilla Seamonkey
1 Github repository
570
VMScore
CVE-2006-5462
Mozilla Network Security Service (NSS) library prior to 3.11.3, as used in Mozilla Firefox prior to 1.5.0.8, Thunderbird prior to 1.5.0.8, and SeaMonkey prior to 1.0.6, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote ...
Mozilla Thunderbird 1.5.0.7
Mozilla Seamonkey 1.0.3
Mozilla Firefox 1.5
Mozilla Seamonkey 1.0.1
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.0.3
Mozilla Seamonkey 1.0
Mozilla Thunderbird 1.5.0.3
Mozilla Thunderbird 1.5.0.6
Mozilla Thunderbird 1.5
Mozilla Seamonkey 1.0.2
Mozilla Firefox 1.5.0.7
Mozilla Thunderbird 1.5.0.2
Mozilla Seamonkey 1.0.5
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.2
Mozilla Seamonkey 1.0.4
Mozilla Thunderbird 1.5.0.1
Mozilla Network Security Services 3.11.3
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.0.1
Mozilla Thunderbird 1.5.0.4
605
VMScore
CVE-2019-11756
Improper refcounting of soft token session objects could cause a use-after-free and crash (likely limited to a denial of service). This vulnerability affects Firefox < 71.
Mozilla Firefox
605
VMScore
CVE-2016-1953
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 45.0 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.c...
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.0.5
Mozilla Thunderbird
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox
Novell Suse Package Hub For Suse Linux Enterprise 12
Opensuse Leap 42.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
231
VMScore
CVE-2006-4567
Mozilla Firefox prior to 1.5.0.7 and Thunderbird prior to 1.5.0.7 makes it easy for users to accept self-signed certificates for the auto-update mechanism, which might allow remote user-assisted malicious users to use DNS spoofing to trick users into visiting a malicious site and...
Mozilla Firefox
Mozilla Thunderbird
169
VMScore
CVE-2020-12401
During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for Android < 80.
Mozilla Firefox
605
VMScore
CVE-2019-11712
POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an malicious user to perform Cross-Site Request Forgery (CSRF) attacks. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, ...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »