Skip to main content

Opensso

3 CVEs product

Monthly

CVE-2015-7182 CRITICAL PATCH Act Now

Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 11.0%.

Denial Of Service Mozilla Buffer Overflow RCE Traffic Director +6
NVD
CVSS 3.0
9.8
EPSS
11.0%
CVE-2013-1620 MEDIUM This Month

The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Information Disclosure Network Security Services Ubuntu Linux Enterprise Manager Ops Center +12
NVD
CVSS 2.0
4.3
EPSS
0.9%
CVE-2012-0079 MEDIUM This Month

Unspecified vulnerability in Oracle OpenSSO 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Administration. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Opensso
NVD
CVSS 2.0
4.3
EPSS
0.6%
EPSS 11% CVSS 9.8
CRITICAL PATCH Act Now

Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 11.0%.

Denial Of Service Mozilla Buffer Overflow +8
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Information Disclosure Network Security Services +14
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Unspecified vulnerability in Oracle OpenSSO 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Administration. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Opensso
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy