Vulnerabilities (CVE)

Vendor filter

Mozilla Subscribe

Product filter

Network Security Services Subscribe

Filter

13 total CVE
CVE Vendors Products Updated CVSS
CVE-2016-2834 4 Mozilla, Canonical, Novell and 1 more 10 Ubuntu Linux, Leap, Suse Linux Enterprise Software Development Kit and 7 more 2018-10-30 9.3
Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
CVE-2013-5605 1 Mozilla 1 Network Security Services 2018-10-09 7.5
Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets.
CVE-2013-1741 1 Mozilla 1 Network Security Services 2018-10-09 7.5
Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value.
CVE-2009-2404 1 Mozilla 1 Network Security Services 2018-10-03 9.3
Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to cause...
CVE-2017-5461 1 Mozilla 1 Network Security Services 2018-09-20 7.5
Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified...
CVE-2016-1978 1 Mozilla 2 Firefox, Network Security Services 2017-11-04 7.5
Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have...
CVE-2015-7182 2 Mozilla, Oracle 8 Glassfish Server, Firefox Esr, Iplanet Web Proxy Server and 5 more 2017-11-04 7.5
Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to...
CVE-2015-7181 1 Mozilla 3 Firefox, Firefox Esr, Network Security Services 2017-11-04 7.5
The sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an...
CVE-2015-7183 1 Mozilla 3 Firefox, Firefox Esr, Network Security Services 2017-10-20 7.5
Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and...
CVE-2014-1569 1 Mozilla 1 Network Security Services 2017-09-22 7.5
The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote...
CVE-2014-1568 2 Google, Mozilla 6 Firefox Esr, Seamonkey, Thunderbird and 3 more 2017-08-29 7.5
Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1...
CVE-2004-0826 4 Hp, Netscape, Mozilla and 1 more 10 Hp-ux, Certificate Server, Directory Server and 7 more 2017-07-11 7.5
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
CVE-2014-1544 1 Mozilla 4 Firefox, Thunderbird, Network Security Services and 1 more 2017-01-07 10.0
Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers...