CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2017/05/03 12:0 a.m.•26 views

EulerOS 2.0 SP1 : nss, nss-util (EulerOS-SA-2017-1075)

According to the version of the nss, nss-util packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create...

Tenable Nessus•added 2017/05/03 12:0 a.m.•32 views

EulerOS 2.0 SP2 : nss, nss-util (EulerOS-SA-2017-1076)

Tenable Nessus•added 2017/04/28 12:0 a.m.•77 views

Ubuntu 14.04 LTS / 16.04 LTS : NSS vulnerabilities (USN-3270-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3270-1 advisory. Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker...

9.8CVSS7.9AI score0.95707EPSS

Exploits7References3

Tenable Nessus•added 2017/04/28 12:0 a.m.•248 views

Amazon Linux AMI : nss / nss-util (ALAS-2017-825)

An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an...

OpenVAS•added 2017/04/28 12:0 a.m.•38 views

Ubuntu: Security Advisory (USN-3270-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.95707EPSS

Exploits7References2

Ubuntu•added 2017/04/27 4:47 p.m.•127 views

USN-3270-1: NSS vulnerabilities

Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update causes NSS to limit use of the same symmetric key...

9.8CVSS7.8AI score0.95707EPSS

Exploits7

Amazon•added 2017/04/27 12:0 a.m.•44 views

Critical: nss, nss-util

Issue Overview: An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the...

9.8CVSS9.8AI score0.04741EPSS

Exploits0References1

Tenable Nessus•added 2017/04/24 12:0 a.m.•46 views

Scientific Linux Security Update : nss-util on SL6.x, SL7.x x86_64 (20170420)

Security Fixes : - An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of th...

Tenable Nessus•added 2017/04/21 12:0 a.m.•50 views

FreeBSD : NSS -- multiple vulnerabilities (4cb165f0-6e48-423e-8147-92255d35c0f7)

Mozilla Foundation reports : An out-of-bounds write during Base64 decoding operation in the Network Security Services NSS library due to insufficient memory being allocated to the buffer. This results in a potentially exploitable crash. The NSS library has been updated to fix this issue to addres...

9.8CVSS7.3AI score0.04741EPSS

RedHat Linux•added 2017/04/20 5:0 a.m.•3 views

nss: Write beyond bounds caused by bugs in Base64 de/encoding in nssb64d.c and nssb64e.c (MFSA 2017-10)

RedHat Linux•added 2017/04/20 2:37 a.m.•78 views

Critical: Red Hat Security Advisory: nss-util security update

An update for nss-util is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise Linux 6.6...

RedHat Linux•added 2017/04/20 2:17 a.m.•99 views

Critical: Red Hat Security Advisory: nss security update

An update for nss is now available for Red Hat Enterprise Linux 5 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

RedHat Linux•added 2017/04/20 2:16 a.m.•2 views

nss: Write beyond bounds caused by bugs in Base64 de/encoding in nssb64d.c and nssb64e.c (MFSA 2017-10)

RedHat Linux•added 2017/04/20 2:16 a.m.•71 views

Critical: Red Hat Security Advisory: nss security update

An update for nss is now available for Red Hat Enterprise Linux 5.9 Long Life. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Tenable Nessus•added 2017/04/20 12:0 a.m.•249 views

RHEL 5 : nss (RHSA-2017:1103)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:1103 advisory. Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server...

ArchLinux•added 2017/04/20 12:0 a.m.•34 views

[ASA-201704-4] nss: arbitrary code execution

Arch Linux Security Advisory ASA-201704-4 ========================================= Severity: Critical Date : 2017-04-20 CVE-ID : CVE-2017-5461 Package : nss Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-247 Summary ======= The package nss before version...

9.8CVSS2.2AI score0.04741EPSS