Vulnerabilities (CVE)

Vendor filter

Mozilla Subscribe

Product filter

Network Security Services Subscribe

Filter

46 total CVE
CVE Vendors Products Updated CVSS
CVE-2013-0791 1 Mozilla 6 Firefox Esr, Seamonkey, Thunderbird and 3 more 2017-09-19 5.0
The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and...
CVE-2014-1568 2 Google, Mozilla 6 Firefox Esr, Seamonkey, Thunderbird and 3 more 2017-08-29 7.5
Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1...
CVE-2004-0826 4 Hp, Netscape, Mozilla and 1 more 10 Hp-ux, Certificate Server, Directory Server and 7 more 2017-07-11 7.5
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
CVE-2014-1544 1 Mozilla 4 Firefox, Thunderbird, Network Security Services and 1 more 2017-01-07 10.0
Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers...
CVE-2015-2730 4 Mozilla, Debian, Oracle and 1 more 7 Suse Linux Enterprise Software Development Kit, Debian Linux, Suse Linux Enterprise Desktop and 4 more 2016-12-28 4.3
Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications,...
CVE-2011-5094 1 Mozilla 1 Network Security Services 2012-06-18 4.3
** DISPUTED ** Mozilla Network Security Services (NSS) 3.x, with certain settings of the SSL_ENABLE_RENEGOTIATION option, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for...