mozilla network security services
50 known vulnerabilities across versions
Vulnerabilities are listed by affected version.
CVE-2022-3479
>= 3.77 and < 3.87
A vulnerability found in nss. By this security vulnerability, nss client auth crash without a user certificate in the database and
7.5
HIGH
CVE-2019-17007
< 3.44
In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial
7.5
HIGH
CVE-2019-17006
< 3.46
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the app
9.8
CRITICAL
CVE-2018-18508
< 3.36.7
In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null derefere
6.5
MEDIUM
CVE-2020-25648
< 3.58
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send mul
7.5
HIGH
CVE-2018-12404
< 3.41
A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a
5.9
MEDIUM
CVE-2018-12384
< 3.39
When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value i
5.9
MEDIUM
CVE-2016-8635
>= 3.21 and <= 3.21.4
It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. A
5.3
MEDIUM
CVE-2016-9574
< 3.30
nss before version 3.30 is vulnerable to a remote denial of service during the session handshake when using SessionTicket extensio
5.9
MEDIUM
CVE-2017-5462
< 3.28.4
A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly
5.3
MEDIUM
CVE-2017-11698
all versions
Heap-based buffer overflow in the __get_page function in lib/dbm/src/h_page.c in Mozilla Network Security Services (NSS) allows co
7.8
HIGH
CVE-2017-11697
all versions
The __hash_open function in hash.c:229 in Mozilla Network Security Services (NSS) allows context-dependent attackers to cause a de
7.8
HIGH
CVE-2017-11696
all versions
Heap-based buffer overflow in the __hash_open function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows con
7.8
HIGH
CVE-2017-11695
all versions
Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows cont
7.8
HIGH
CVE-2017-7502
all versions
Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into deni
7.5
HIGH
CVE-2017-5461
< 3.21.4
Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x befor
9.8
CRITICAL
CVE-2016-2834
<= 3.22
Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a de
8.8
HIGH
CVE-2016-1979
<= 3.21
Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndReturnKey function in Mozilla Network Security Services (NSS) b
8.8
HIGH
CVE-2016-1978
<= 3.20.1
Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) before 3.
7.3
HIGH
CVE-2016-1950
all versions
Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used
8.8
HIGH
CVE-2015-7575
<= 3.20.1
Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2
5.9
MEDIUM
CVE-2015-7183
<= 3.19.2.0
Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services
CVE-2015-7182
<= 3.19.2.0
Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.
9.8
CRITICAL
CVE-2015-7181
<= 3.19.2.0
The sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in
CVE-2015-2730
<= 3.19
Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38
CVE-2015-2721
all versions
Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x
CVE-2015-4000
all versions
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly conv
3.7
LOW
CVE-2014-1569
<= 3.16.2.3
The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x
CVE-2014-1568
<= 3.16.2.0
Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefo
CVE-2014-1544
all versions
Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x,
CVE-2014-1492
<= 3.15.5
The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Servi
CVE-2014-1491
< 3.15.4
Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thund
CVE-2014-1490
< 3.15.4
Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox
CVE-2013-1740
<= 3.15.3
The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS Fal
CVE-2013-5606
all versions
The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 provides an u
CVE-2013-5605
all versions
Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of ser
CVE-2013-1741
all versions
Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of servic
CVE-2013-1739
<= 3.15.1
Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations,
CVE-2013-0791
< 3.15
The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ES
CVE-2013-1620
< 3.14.3
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a nonc
CVE-2011-5094
all versions
Mozilla Network Security Services (NSS) 3.x, with certain settings of the SSL_ENABLE_RENEGOTIATION option, does not properly restr
CVE-2012-0441
<= 3.12.3
The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through
CVE-2009-2404
all versions
Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Fir
CVE-2009-2409
< 3.12.3
The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 throug
CVE-2009-2408
< 3.12.3
Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.
5.9
MEDIUM
CVE-2007-0009
< 3.11.5
Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox befo
CVE-2007-0008
all versions
Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.1
CVE-2006-5462
all versions
Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.
CVE-2006-4340
<= 3.11.2
Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.
CVE-2004-0826
all versions
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code v
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin