
97 matches found

OSV
added 2026/06/12 12:24 p.m. | 6 views

OESA-2026-2612 nss security update

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

CVSS 6.5 | AI score 5.5 | EPSS 0.00628
Exploits 0 | References 2
EUVD
added 2026/01/23 9:25 a.m. | 3 views

EUVD-2026-4421

Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Transmission of Sensitive Information vulnerability in the Fabric Syslog. An unauthenticated attacker with remote access could potentially exploit this vulnerability to intercept and...

CVSS 6.5 | AI score 5.6 | EPSS 0.0016
Exploits 0 | References 2
Tenable Nessus
added 2026/01/16 12:0 a.m. | 3 views

MiracleLinux 7 : nss-softokn-3.44.0-8.el7, nss-util-3.44.0-4.el7, nss-3.44.0-7.el7 (AXSA:2019-4421:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4421:01 advisory. nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSCEncryptUpdate CVE-2019-11745 nss: Empty or malformed...

CVSS 8.8 | AI score 7.6 | EPSS 0.02994
Exploits 0 | References 3
OSV
added 2025/12/26 12:0 a.m. | 1 view

DLA-4421-1 python-urllib3 - security update

Bulletin has no description...

CVSS 8.9 | AI score 6.9 | EPSS 0.00533
Exploits 1
Tenable Nessus
added 2025/08/09 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2023-4421

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The NSS code used for checking PKCS1 v1.5 was leaking information useful in mounting Bleichenbacher-like attacks. Both the overall correctness of the padding as...

CVSS 6.5 | AI score 7 | EPSS 0.00628
Exploits 0 | References 2
Circl
added 2025/07/30 3:22 a.m. | 2 views

CVE-2025-4421

creationtimestamp | type | source
---|---|---
2025-07-30 03:22:11+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lv5o5wqgey2c
2025-07-30 07:31:39+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3lv643yngtx2h...

CVSS 8.2 | AI score 5.1 | EPSS 0.00203
Exploits 0 | References 2
NVD
added 2025/07/30 1:15 a.m. | 4 views

CVE-2025-4421

The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.lenovo.com/us/en/productsecurity/home...

CVSS 8.2 | EPSS 0.00203
Exploits 0 | References 2
Vulnrichment
added 2025/07/30 12:39 a.m. | 2 views

CVE-2025-4421 EfiSmiServices: gEfiSmmCpuProtocol, SMM memory corruption vulnerabilities in SMM module

The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.lenovo.com/us/en/productsecurity/home...

CVSS 8.2 | AI score 6.4 | EPSS 0.00203
Exploits 0 | References 2
CVE
added 2025/07/30 12:39 a.m. | 18 views

CVE-2025-4421

CVE-2025-4421 involves SMM memory corruption in the InsydeH2O firmware, linked to Lenovo-related firmware code. The root cause is a vulnerability in the SMM module involving gEfiSmmCpuProtocol/EfiSmiServices that can corrupt SMM memory. Connected docs describe insecure firmware leading to unautho...

CVSS 8.2 | AI score 6.6 | EPSS 0.00203
Exploits 0 | References 2
RedhatCVE
added 2025/05/23 12:33 a.m. | 4 views

CVE-2022-4421

A vulnerability was found in rAthena FluxCP. It has been classified as problematic. Affected is an unknown function of the file themes/default/servicedesk/view.php of the component Service Desk Image URL Handler. The manipulation of the argument sslink leads to cross site scripting. It is possibl...

CVSS 6.1 | AI score 6.3 | EPSS 0.00409
Exploits 0 | References 1
RedhatCVE
added 2025/05/22 2:25 a.m. | 8 views

CVE-2012-4421

The createpost function in wp-includes/class-wp-atom-server.php in WordPress before 3.4.2 does not perform a capability check, which allows remote authenticated users to bypass intended access restrictions and publish new posts by leveraging the Contributor role and using the Atom Publishing...

CVSS 4 | AI score 6.5 | EPSS 0.01902
Exploits 1 | References 1
Tenable Nessus
added 2025/05/01 12:0 a.m. | 10 views

Amazon Linux 2 : nss-softokn (ALAS-2025-2835)

The version of nss-softokn installed on the remote host is prior to 3.67.0-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2835 advisory. new tlsfuzzer code can still detect timing issues in RSA operations CVE-2023-4421 Tenable has extracted the preceding...

CVSS 6.5 | AI score 7.2 | EPSS 0.00628
Exploits 0 | References 4
Amazon
added 2025/04/30 12:0 a.m. | 10 views

Medium: nss-softokn

Issue Overview: new tlsfuzzer code can still detect timing issues in RSA operations CVE-2023-4421 Affected Packages: nss-softokn Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue...

CVSS 6.5 | AI score 7 | EPSS 0.00628
Exploits 0
Amazon
added 2025/04/30 12:0 a.m. | 2 views

Medium: nss-softokn

Issue Overview: new tlsfuzzer code can still detect timing issues in RSA operations CVE-2023-4421 Affected Packages: nss-softokn Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue...

CVSS 6.5 | AI score 9.1 | EPSS 0.00628
Exploits 0
Tenable Nessus
added 2025/03/04 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2016-4421

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of...

CVSS 5.9 | AI score 6.2 | EPSS 0.01354
Exploits 0 | References 2
IBM Security Bulletins
added 2024/01/12 6:9 p.m. | 40 views

Security Bulletin: A vulnerability in NSS may affect IBM Robotic Process Automation for Cloud Pak and result in a remote attacker obtaining sensitive information (CVE-2023-4421).

Summary NSS is used by IBM Robotic Process Automation for Cloud Pak as part of Watson NLP. CVE-2023-4421. Vulnerability Details CVEID:CVE-2023-4421 DESCRIPTION: Mozilla Network Security Services NSS, as used in Mozilla Firefox, could allow a remote authenticated attacker to obtain sensitive...

CVSS 6.5 | AI score 6.4 | EPSS 0.00628
Exploits 0 | Affected Software 1
UbuntuCve
added 2023/12/12 5:15 p.m. | 54 views

CVE-2023-4421

The NSS code used for checking PKCS1 v1.5 was leaking information useful in mounting Bleichenbacher-like attacks. Both the overall correctness of the padding as well as the length of the encrypted message was leaking through timing side-channel. By sending large number of attacker-selected...

CVSS 6.5 | AI score 6.8 | EPSS 0.00628
Exploits 0 | References 5
Debian CVE
added 2023/12/12 5:2 p.m. | 51 views

CVE-2023-4421

The NSS code used for checking PKCS1 v1.5 was leaking information useful in mounting Bleichenbacher-like attacks. Both the overall correctness of the padding as well as the length of the encrypted message was leaking through timing side-channel. By sending large number of attacker-selected...

CVSS 6.5 | AI score 6.5 | EPSS 0.00628
Exploits 0
CVE
added 2023/12/12 5:2 p.m. | 260 views

CVE-2023-4421

CVE-2023-4421 concerns the NSS library’s handling of PKCS#1 v1.5 padding, where timing side-channel leakage exposed information about padding validity and message length. This could enable Bleichenbacher-like attacks, allowing an attacker to decrypt previously intercepted PKCS#1 v1.5 ciphertext (...

CVSS 6.5 | AI score 6.2 | EPSS 0.00628
Exploits 0 | References 3 | Affected Software 1
Tenable Nessus
added 2023/10/28 12:0 a.m. | 34 views

Debian dla-3634 : libnss3 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3634 advisory. Debian LTS Advisory DLA-3634-1...

CVSS 7.5 | AI score 7.6 | EPSS 0.03854
Exploits 0 | References 6