Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nss vulnerabilities and exploits
(subscribe to this query)
694
VMScore
CVE-2006-3127
Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote malicious users to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic...
Sun Java Enterprise System 2004q2
Sun Java Enterprise System 2005q1
Sun Java System Directory Server 5.2
Sun Java Enterprise System 2003q4
614
VMScore
CVE-2007-4138
The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 up to and including 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the (1) RFC2307 or (2) Services for UNIX (SF...
Samba Samba 3.0.25
Samba Samba 3.0.25a
Samba Samba 3.0.25b
Samba Samba 3.0.25c
445
VMScore
CVE-2017-5462
A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28....
Debian Debian Linux 8.0
Mozilla Firefox Esr
Mozilla Thunderbird
Mozilla Firefox
Mozilla Network Security Services
Mozilla Firefox Esr 52.0
169
VMScore
CVE-2010-0826
The Free Software Foundation (FSF) Berkeley DB NSS module (aka libnss-db) 2.2.3pre1 reads the DB_CONFIG file in the current working directory, which allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this mod...
Piotr Roszatycki Libnss-db 2.2.3
828
VMScore
CVE-2007-0776
Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x prior to 2.0.0.2, Thunderbird prior to 1.5.0.10, and SeaMonkey prior to 1.0.8 allows remote malicious users to execute arbitrary code via a large stroke-width attribute in the clipPath element in an...
Mozilla Seamonkey
Mozilla Thunderbird
Mozilla Firefox
890
VMScore
CVE-2007-5252
Buffer overflow in NetSupport Manager (NSM) Client 10.00 and 10.20, and NetSupport School Student (NSS) 9.00, allows remote NSM servers to cause a denial of service or possibly execute arbitrary code via crafted data in the configuration exchange phase of an initial connection se...
Netsupport Netsupport Manager Client 10.00
Netsupport Netsupport Manager Client 10.20
Netsupport Netsupport School Student 9.00
329
VMScore
CVE-2007-0775
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox prior to 1.5.0.10 and 2.x prior to 2.0.0.2, Thunderbird prior to 1.5.0.10, and SeaMonkey prior to 1.0.8 allow remote malicious users to cause a denial of service (crash) and potentially execute arbitrary...
Mozilla Firefox 1.0
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0.7
Mozilla Firefox 1.0.8
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.0.7
Mozilla Firefox 1.5.0.8
Mozilla Firefox 2.0
Mozilla Seamonkey 1.0.6
Mozilla Seamonkey 1.0.7
Mozilla Thunderbird 1.0.8
Mozilla Thunderbird 1.5
Mozilla Firefox 1.0.2
Mozilla Firefox 1.0.3
Mozilla Firefox 1.5
Mozilla Firefox 1.5.0.1
Mozilla Firefox 1.5.0.9
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.0.1
Mozilla Firefox 1.0.6
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.0.5
605
VMScore
CVE-2008-3532
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote malicious users to trick a user into accepting an invalid server certificate for a spoofed service.
Pidgin Pidgin 2.4.3
383
VMScore
CVE-2011-5094
Mozilla Network Security Services (NSS) 3.x, with certain settings of the SSL_ENABLE_RENEGOTIATION option, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote malicious users to cause a denial of servic...
Mozilla Network Security Services 3.11.2
Mozilla Network Security Services 3.6.1
Mozilla Network Security Services 3.2
Mozilla Network Security Services 3.11.4
Mozilla Network Security Services 3.7.7
Mozilla Network Security Services 3.7.5
Mozilla Network Security Services 3.7.1
Mozilla Network Security Services 3.6
Mozilla Network Security Services 3.2.1
Mozilla Network Security Services 3.9
Mozilla Network Security Services 3.4
Mozilla Network Security Services 3.8
Mozilla Network Security Services 3.4.1
Mozilla Network Security Services 3.11.5
Mozilla Network Security Services 3.7
Mozilla Network Security Services 3.7.2
Mozilla Network Security Services 3.3
Mozilla Network Security Services 3.7.3
Mozilla Network Security Services 3.4.2
Mozilla Network Security Services 3.3.2
Mozilla Network Security Services 3.5
Mozilla Network Security Services 3.11.3
383
VMScore
CVE-2012-2668
libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and previous versions, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote mal...
Openldap Openldap 2.4.17
Openldap Openldap 2.4.6
Openldap Openldap 2.4.11
Openldap Openldap 2.4.8
Openldap Openldap 2.4.26
Openldap Openldap 2.4.9
Openldap Openldap 2.4.16
Openldap Openldap
Openldap Openldap 2.4.29
Openldap Openldap 2.4.22
Openldap Openldap 2.4.25
Openldap Openldap 2.4.20
Openldap Openldap 2.4.15
Openldap Openldap 2.4.18
Openldap Openldap 2.4.27
Openldap Openldap 2.4.7
Openldap Openldap 2.4.28
Openldap Openldap 2.4.23
Openldap Openldap 2.4.24
Openldap Openldap 2.4.14
Openldap Openldap 2.4.19
Openldap Openldap 2.4.12
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »