Lucene search
+L

3 matches found

OSV
OSV
added 2026/04/27 6:33 p.m.21 views

JLSEC-2026-263 Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file...

Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...

7.4CVSS7.7AI score0.00444EPSS
Exploits1References9
EUVD
EUVD
added 2026/01/27 4:1 p.m.11 views

EUVD-2026-4815

Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS12 file. Impact summary: An application processing a malformed PKCS12 file can be caused to dereference an invalid or NULL pointer on memory read, resulting in a Denial of Service. A type...

5.9AI score0.00144EPSS
Exploits1References6
Microsoft CVE
Microsoft CVE
added 2021/12/17 8:0 a.m.8 views

NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS S/MIME PKCS \#7 or PKCS \#12 are likely to be impacted. Applications using NSS for certificate validation or other TLS X.509 OCSP or CRL functionality may be impacted depending on how they configure NSS. *Note: This vulnerability does NOT impact Mozilla Firefox.* However email clients and PDF viewers that use NSS for signature verification such as Thunderbird LibreOffice Evolution and Evince are believed to be impacted. This vulnerability affects NSS < 3.73 and NSS < 3.68.1.

...

9.8CVSS8.8AI score0.17563EPSS
Exploits0
Rows per page
Query Builder