Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nss vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2020-12403
A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions prior to 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly ...
Mozilla Nss
2 Github repositories
6.4
CVSSv2
CVE-2016-1938
The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) prior to 3.21, as used in Mozilla Firefox prior to 44.0, improperly divides numbers, which might make it easier for remote malicious users to defeat cryptographic protection mechanisms by lev...
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Mozilla Nss
Mozilla Firefox
6.4
CVSSv2
CVE-2007-0779
GUI overlay vulnerability in Mozilla Firefox 1.5.x prior to 1.5.0.10 and 2.x prior to 2.0.0.2, and SeaMonkey prior to 1.0.8 allows remote malicious users to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a l...
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
Mozilla Firefox 0.9 Rc
Mozilla Firefox 1.0.6
Mozilla Firefox 1.0.7
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.6
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.1
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.0.4
Mozilla Seamonkey 1.0
Mozilla Firefox 0.8
Mozilla Firefox 0.9.1
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.5
Mozilla Firefox 1.5.0.3
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.8
Mozilla Firefox 1.5
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.0.2
6.4
CVSSv2
CVE-2006-5462
Mozilla Network Security Service (NSS) library prior to 3.11.3, as used in Mozilla Firefox prior to 1.5.0.8, Thunderbird prior to 1.5.0.8, and SeaMonkey prior to 1.0.6, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote ...
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.0.3
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.0.1
Mozilla Thunderbird 1.5
Mozilla Firefox 1.5
Mozilla Firefox 1.5.0.1
Mozilla Network Security Services 3.11.3
Mozilla Thunderbird 1.5.0.6
Mozilla Thunderbird 1.5.0.7
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.0.5
Mozilla Seamonkey 1.0.2
Mozilla Seamonkey 1.0.3
Mozilla Thunderbird 1.5.0.1
Mozilla Thunderbird 1.5.0.2
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.0.7
Mozilla Seamonkey 1.0.4
Mozilla Seamonkey 1.0.5
Mozilla Thunderbird 1.5.0.3
Mozilla Thunderbird 1.5.0.4
5.8
CVSSv2
CVE-2013-5606
The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Network Security Services (NSS) 3.15 prior to 3.15.3 provides an unexpected return value for an incompatible key-usage certificate when the CERTVerifyLog argument is valid, which might allow remote malicious users ...
Mozilla Network Security Services 3.15.1
Mozilla Network Security Services 3.15.2
Mozilla Network Security Services 3.15
5.8
CVSSv2
CVE-2009-3555
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and previous versions, OpenSSL prior to 0.9.8l, GnuTLS 2.8.5 and previous versions, Mozilla Network Security Ser...
Openssl Openssl 1.0
Apache Http Server
Openssl Openssl
Gnu Gnutls
Mozilla Nss
Debian Debian Linux 5.0
Canonical Ubuntu Linux 10.10
Fedoraproject Fedora 11
Fedoraproject Fedora 13
Debian Debian Linux 4.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 9.04
Debian Debian Linux 6.0
Fedoraproject Fedora 12
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Fedoraproject Fedora 14
F5 Nginx
2 EDB exploits
10 Github repositories
5.8
CVSSv2
CVE-2007-0996
The child frames in Mozilla Firefox prior to 1.5.0.10 and 2.x prior to 2.0.0.2, and SeaMonkey prior to 1.0.8 inherit the default charset from the parent window, which allows remote malicious users to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 char...
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.6
Mozilla Firefox 2.0.0.1
Mozilla Firefox 2.0
Mozilla Seamonkey 1.0.5
Mozilla Seamonkey 1.0.6
Mozilla Firefox 1.5.0.3
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.0.4
Mozilla Firefox 1.5.0.7
Mozilla Firefox 1.5.0.8
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.0.7
Mozilla Firefox 1.5.0.1
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.0.9
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.0.2
5.5
CVSSv2
CVE-2022-22576
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL...
Haxx Curl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Clustered Data Ontap -
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire \\& Hci Storage Node -
Brocade Fabric Operating System -
Netapp Bootstrap Os -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
5.4
CVSSv2
CVE-2007-0778
The page cache feature in Mozilla Firefox prior to 1.5.0.10 and 2.x prior to 2.0.0.2, and SeaMonkey prior to 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote malicious users to obtain sensitive information or enab...
Mozilla Firefox
Mozilla Seamonkey
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 5.10
Debian Debian Linux 3.1
5.1
CVSSv2
CVE-2019-9811
As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird <...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
Debian Debian Linux 8.0
Novell Suse Package Hub For Suse Linux Enterprise 12
Opensuse Leap 15.0
Opensuse Leap 15.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »