Lucene search
K

48 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 7 : nss-3.36.0-7.el7 (AXSA:2018-3341:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3341:02 advisory. nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello CVE-2018-12384 Tenable has extracted the preceding description block directly...

5.9CVSS8.5AI score0.01496EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

MiracleLinux 4 : nss-3.36.0-9.AXS4 (AXSA:2018-3352:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3352:01 advisory. nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello CVE-2018-12384 Tenable has extracted the preceding description block directly...

5.9CVSS6.2AI score0.01496EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2023/02/21 7:56 p.m.45 views

K41738501: Mozilla NSS vulnerability CVE-2018-12384

Security Advisory Description When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not...

5.9CVSS6AI score0.01496EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.26 views

Ubuntu: Security Advisory (USN-3850-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.3AI score0.44398EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/07 7:14 p.m.34 views

Security Bulletin: This Power System update is being released to address CVE-2018-12384

Summary POWER9: In response to a data leak vulnerability in the network security services, a new Power Systems firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE-2018-12384. This man-in-the-middle attack could provide false completion or errant...

5.9CVSS0.2AI score0.01496EPSS
Exploits0Affected Software2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2019-1169)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.4AI score0.01496EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2018-1358)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.4AI score0.01496EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.14 views

Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2018-1366)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.4AI score0.01496EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.32 views

NewStart CGSL MAIN 4.05 : nss Vulnerability (NS-SA-2019-0131)

The remote NewStart CGSL host, running version MAIN 4.05, has nss packages installed that are affected by a vulnerability: - A flaw was found in the way NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. A man-in-the-middle attacker could use this fla...

5.9CVSS6.1AI score0.01496EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/05/14 12:0 a.m.43 views

EulerOS Virtualization for ARM 64 3.0.1.0 : nss (EulerOS-SA-2019-1397)

According to the versions of the nss packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero...

7.5CVSS7.8AI score0.03153EPSS
Exploits0References3
CVE
CVE
added 2019/04/29 2:22 p.m.251 views

CVE-2018-12384

The CVE-2018-12384 issue affects Mozilla NSS (as used by Firefox) where handling an SSLv2-compatible ClientHello uses an all-zero random value instead of a fresh one, enabling malleability and potential information leakage in TLS 1.2 on affected NSS versions prior to 3.39. The vulnerability does ...

5.9CVSS5.9AI score0.01496EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2019/04/29 2:22 p.m.42 views

CVE-2018-12384

When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3...

5.9CVSS6.2AI score0.01496EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.29 views

openSUSE Security Update : mozilla-nss (openSUSE-2019-998)

This update for mozilla-nss to version 3.36.6 fixes the following issues : Security issues fixed : - CVE-2018-12384: NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random bmo1483128, boo1106873 - CVE-2018-12404: Cache side-channel variant of the...

5.9CVSS6.2AI score0.44398EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.31 views

openSUSE Security Update : mozilla-nspr and mozilla-nss (openSUSE-2019-1039)

This update for mozilla-nss and mozilla-nspr fixes the following issues : Issues fixed in mozilla-nss : - Update to NSS 3.40.1 bsc1119105 - CVE-2018-12404: Fixed a cache side-channel variant of the Bleichenbacher attack bsc1119069 - CVE-2018-12384: Fixed an issue in the SSL handshake. NSS respond...

5.9CVSS6.1AI score0.44398EPSS
Exploits1References5
IBM Security Bulletins
IBM Security Bulletins
added 2019/03/11 3:35 p.m.32 views

Security Bulletin: A Security Vulnerability affects IBM Cloud Private Kiali Istio addon

Summary A Security Vulnerability affects IBM Cloud Private Kiali Istio addon Vulnerability Details CVEID: CVE-2018-12384 DESCRIPTION: Mozilla Network Security Services NSS, as used in Mozilla Firefox, could allow a remote attacker to obtain sensitive information, caused by the improper handling o...

5.9CVSS0.7AI score0.01496EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/21 11:30 a.m.40 views

Security Bulletin: IBM MQ Appliance is affected by a Mozilla Network Security Services (NSS) vulnerability (CVE-2018-12384)

Summary IBM MQ Appliance has addressed the following Mozilla Network Security Services NSS vulnerability. Vulnerability Details CVEID: CVE-2018-12384 DESCRIPTION: Mozilla Network Security Services NSS, as used in Mozilla Firefox, could allow a remote attacker to obtain sensitive information, caus...

5.9CVSS1AI score0.01496EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/01/10 12:0 a.m.41 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : NSS vulnerabilities (USN-3850-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3850-1 advisory. Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perfo...

5.9CVSS6.3AI score0.44398EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2019/01/10 12:0 a.m.27 views

Ubuntu: Security Advisory (USN-3850-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.3AI score0.44398EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2019/01/09 5:41 p.m.268 views

USN-3850-1: NSS vulnerabilities

Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. CVE-2018-0495 It was discovered that NSS incorrectly handled certain v2-compatible ClientHello messages. A remo...

5.9CVSS6.2AI score0.44398EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.43 views

SUSE SLED15 / SLES15 Security Update : MozillaFirefox, mozilla-nspr / mozilla-nss (SUSE-SU-2018:4235-1)

This update for MozillaFirefox, mozilla-nss and mozilla-nspr fixes the following issues : Issues fixed in MozillaFirefox : Update to Firefox ESR 60.4 bsc1119105 CVE-2018-17466: Fixed a buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11 CVE-2018-18492: Fixed a...

9.8CVSS7.6AI score0.44398EPSS
Exploits1References23
Rows per page
Query Builder