Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nss vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-33602
nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added t...
169
VMScore
CVE-2020-12401
During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for Android < 80.
Mozilla Firefox
446
VMScore
CVE-2014-8121
DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and previous versions does not properly check if a file is open, which allows remote malicious users to cause a denial of service (infinite loop) by performing a look-up...
Suse Suse Linux Enterprise Server 11.0
Suse Suse Linux Enterprise Desktop 11
Gnu Glibc
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
356
VMScore
CVE-2006-5201
Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and previous versions, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and previous versions; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOff...
Sun Secure Global Desktop
Sun Staroffice
Sun Nss
Sun Solaris 9.0
Sun Solaris 10.0
Sun Sunos 5.8
Sun Jdk 1.5.0
Sun Jre 1.4.2
Sun Jre 1.4.2 1
Sun Jre 1.4.2 2
Sun Jre 1.4.2 3
Sun Jre 1.5.0
Sun Jre 1.4.2 4
Sun Jre 1.4.2 6
Sun Jre 1.3.1
Sun Jre 1.3.1 03
Sun Jre 1.3.1 10
Sun Jre 1.3.1 12
Sun Jre 1.3.1 17
Sun Jre 1.3.1 19
Sun Jre 1.3.1 05
Sun Jre 1.3.1 06
668
VMScore
CVE-2004-0826
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote malicious users to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
Mozilla Network Security Services 3.2
Mozilla Network Security Services 3.2.1
Mozilla Network Security Services 3.5
Mozilla Network Security Services 3.6
Mozilla Network Security Services 3.7.7
Mozilla Network Security Services 3.8
Netscape Directory Server 4.11
Netscape Directory Server 4.13
Netscape Enterprise Server 3.0.7a
Netscape Enterprise Server 3.0l
Mozilla Network Security Services 3.4.1
Mozilla Network Security Services 3.4.2
Mozilla Network Security Services 3.7.3
Mozilla Network Security Services 3.7.5
Netscape Directory Server 3.12
Netscape Directory Server 4.1
Netscape Enterprise Server 3.0.1
Netscape Enterprise Server 3.0.1b
Netscape Enterprise Server 3.5
Netscape Enterprise Server 3.5.1
Netscape Enterprise Server 4.1.1
Netscape Enterprise Server 4.1
828
VMScore
CVE-2013-7283
Race condition in the libreswan.spec files for Red Hat Enterprise Linux (RHEL) and Fedora packages in libreswan 3.6 has unspecified impact and attack vectors, involving the /var/tmp/libreswan-nss-pwd temporary file.
Libreswan Libreswan 3.6
383
VMScore
CVE-2020-15572
Tor prior to 0.4.3.6 has an out-of-bounds memory access that allows a remote denial-of-service (crash) attack against Tor instances built to use Mozilla Network Security Services (NSS), aka TROVE-2020-001.
Torproject Tor
Torproject Tor 0.4.4.0
Torproject Tor 0.4.4.1
446
VMScore
CVE-2015-4000
The TLS protocol 1.2 and previous versions, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle malicious users to conduct cipher-downgrade attacks by rewriting a ClientHello with D...
Openssl Openssl
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Hp Hp-ux B.11.31
Ibm Content Manager 8.5
Oracle Jrockit R28.3.6
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Oracle Jdk 1.8.0
Oracle Jre 1.7.0
Oracle Jre 1.6.0
Oracle Jre 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Suse Linux Enterprise Server 11.0
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Desktop 12
Suse Suse Linux Enterprise Server 12
Apple Mac Os X
Apple Iphone Os
1 Nmap script
4 Github repositories
1 Article
445
VMScore
CVE-2021-1945
Possible out of bound read due to lack of length check of Bandwidth-NSS IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Net...
Qualcomm Apq8053 Firmware -
Qualcomm Apq8064au Firmware -
Qualcomm Apq8096au Firmware -
Qualcomm Aqt1000 Firmware -
Qualcomm Ar8031 Firmware -
Qualcomm Ar8035 Firmware -
Qualcomm Ar9380 Firmware -
Qualcomm Csr8811 Firmware -
Qualcomm Csra6620 Firmware -
Qualcomm Csra6640 Firmware -
Qualcomm Csrb31024 Firmware -
Qualcomm Ipq4018 Firmware -
Qualcomm Ipq4019 Firmware -
Qualcomm Ipq4028 Firmware -
Qualcomm Ipq4029 Firmware -
Qualcomm Ipq5010 Firmware -
Qualcomm Ipq5018 Firmware -
Qualcomm Ipq5028 Firmware -
Qualcomm Ipq6000 Firmware -
Qualcomm Ipq6005 Firmware -
Qualcomm Ipq6010 Firmware -
Qualcomm Ipq6018 Firmware -
828
VMScore
CVE-2007-0777
The JavaScript engine in Mozilla Firefox prior to 1.5.0.10 and 2.x prior to 2.0.0.2, Thunderbird prior to 1.5.0.10, and SeaMonkey prior to 1.0.8 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger...
Mozilla Thunderbird
Mozilla Firefox
Mozilla Seamonkey
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »