Mozilla

Network Security Services

50 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2017-11697

Exploit
  • EPSS 0.11%
  • Veröffentlicht 27.12.2017 19:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The __hash_open function in hash.c:229 in Mozilla Network Security Services (NSS) allows context-dependent attackers to cause a denial of service (floating point exception and crash) via a crafted cert8.db file.

7.8

CVE-2017-11695

Exploit
  • EPSS 0.09%
  • Veröffentlicht 27.12.2017 19:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file.

7.8

CVE-2017-11696

Exploit
  • EPSS 0.09%
  • Veröffentlicht 27.12.2017 19:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Heap-based buffer overflow in the __hash_open function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file.

7.8

CVE-2017-11698

Exploit
  • EPSS 0.09%
  • Veröffentlicht 27.12.2017 19:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Heap-based buffer overflow in the __get_page function in lib/dbm/src/h_page.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file.

7.5

CVE-2017-7502

  • EPSS 1.45%
  • Veröffentlicht 30.05.2017 18:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker.

9.8

CVE-2017-5461

  • EPSS 0.93%
  • Veröffentlicht 11.05.2017 01:29:05
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other i...

9.3

CVE-2016-2834

  • EPSS 0.4%
  • Veröffentlicht 13.06.2016 10:59:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.

8.8

CVE-2016-1979

  • EPSS 0.71%
  • Veröffentlicht 13.03.2016 18:59:28
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndReturnKey function in Mozilla Network Security Services (NSS) before 3.21.1, as used in Mozilla Firefox before 45.0, allows remote attackers to cause a denial of service or possibly h...

7.5

CVE-2016-1978

  • EPSS 2.46%
  • Veröffentlicht 13.03.2016 18:59:27
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspec...

8.8

CVE-2016-1950

  • EPSS 1.87%
  • Veröffentlicht 13.03.2016 18:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via ...