Max CVSS | 10.0 | Min CVSS | 1.2 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2015-2730 | 4.3 |
Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which
|
22-10-2024 - 13:54 | 06-07-2015 - 02:01 | |
CVE-2014-1568 | 7.5 |
Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31
|
21-10-2024 - 13:55 | 25-09-2014 - 17:55 | |
CVE-2020-6829 | 5.0 |
When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the p
|
20-02-2023 - 17:15 | 28-10-2020 - 12:15 | |
CVE-2013-1620 | 4.3 |
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct di
|
21-12-2022 - 17:30 | 08-02-2013 - 19:55 | |
CVE-2020-12402 | 1.2 |
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to re
|
04-01-2022 - 16:38 | 09-07-2020 - 15:15 | |
CVE-2019-11745 | 6.8 |
When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerabilit
|
19-02-2021 - 17:22 | 08-01-2020 - 20:15 | |
CVE-2019-17007 | 5.0 |
In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service.
|
19-02-2021 - 16:58 | 22-10-2020 - 21:15 | |
CVE-2019-11745 | 6.8 |
When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerabilit
|
30-09-2020 - 18:15 | 08-01-2020 - 20:15 | |
CVE-2020-12402 | 1.2 |
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to re
|
30-09-2020 - 18:15 | 09-07-2020 - 15:15 | |
CVE-2014-1492 | 4.3 |
The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name's U-label, which
|
09-10-2018 - 19:42 | 25-03-2014 - 13:25 | |
CVE-2014-1545 | 10.0 |
Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions. Per: http://cwe.mitre.org/data/defini
|
28-12-2017 - 02:29 | 11-06-2014 - 10:57 | |
CVE-2016-1979 | 6.8 |
Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndReturnKey function in Mozilla Network Security Services (NSS) before 3.21.1, as used in Mozilla Firefox before 45.0, allows remote attackers to cause a denial of service or possibly h
|
04-11-2017 - 01:29 | 13-03-2016 - 18:59 | |
CVE-2010-3170 | 4.3 |
Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-th
|
19-09-2017 - 01:31 | 21-10-2010 - 19:00 |