Lucene search
K

53 matches found

F5 Networks
F5 Networks
added 2023/02/21 7:42 p.m.54 views

K15630: TLS in Mozilla NSS vulnerability CVE-2013-1620

Security Advisory Description The TLS implementation in Mozilla Network Security Services NSS does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attack...

4.3CVSS7.3AI score0.03723EPSS
Exploits0Affected Software18
Veracode
Veracode
added 2019/05/02 5:0 a.m.36 views

Denial Of Service (DoS)

Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime NSPR provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS handled...

7.5CVSS7AI score0.04399EPSS
Exploits0References29Affected Software3
Veracode
Veracode
added 2019/05/02 4:48 a.m.36 views

Timing Side-Channel

Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime NSPR provides platform independence for non-GUI operating system facilities. It was discovered that NSS leaked timin...

5CVSS5.6AI score0.05213EPSS
Exploits0References24Affected Software4
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.28 views

Amazon Linux: Security Advisory (ALAS-2013-266)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.2AI score0.04399EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.33 views

Amazon Linux: Security Advisory (ALAS-2013-217)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.6AI score0.05213EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.254 views

Amazon Linux: Security Advisory (ALAS-2013-216)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.6AI score0.05213EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.64 views

Oracle Solaris Third-Party Patch Update : nss (cve_2013_1620_lucky_thirteen)

The remote Solaris system is missing necessary patches to address security updates : - The TLS implementation in Mozilla Network Security Services NSS does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which...

4.3CVSS7AI score0.35584EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/11/08 12:0 a.m.36 views

RHEL 6 : rhev-hypervisor6 (RHSA-2013:1181)

An updated rhev-hypervisor6 package that fixes three security issues and various bugs is now available. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

7.8CVSS7.3AI score0.3415EPSS
Exploits5References11
Tenable Nessus
Tenable Nessus
added 2014/06/23 12:0 a.m.36 views

GLSA-201406-19 : Mozilla Network Security Service: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201406-19 Mozilla Network Security Service: Multiple vulnerabilities Multiple vulnerabilities have been discovered in the Mozilla Network Security Service. Please review the CVE identifiers referenced below for more details about...

7.5CVSS7AI score0.84424EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.45 views

openSUSE Security Update : Mozilla Firefox and others (openSUSE-SU-2013:0630-1)

The Mozilla suite received security and bugfix updates : Mozilla Firefox was updated to version 20.0. Mozilla Thunderbird was updated to version 17.0.5. Mozilla SeaMonkey was updated to version 17.0.5. Mozilla XULRunner was updated to version 17.0.5. mozilla-nss was updated to version 3.14.3...

10CVSS7.6AI score0.07953EPSS
Exploits1References12
OpenVAS
OpenVAS
added 2014/01/03 12:0 a.m.25 views

Fedora Update for nss FEDORA-2013-23900

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.1AI score0.03893EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/12/23 12:0 a.m.26 views

Fedora Update for nss FEDORA-2013-23479

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.1AI score0.03893EPSS
Exploits0References2
Amazon
Amazon
added 2013/12/17 12:0 a.m.52 views

Important: nss

Issue Overview: A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application. CVE-2013-5605 It was found that the f...

7.5CVSS8.7AI score0.04399EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2013/12/17 12:0 a.m.44 views

CentOS Update for nspr CESA-2013:1791 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6AI score0.04399EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/12/17 12:0 a.m.34 views

CentOS Update for nss CESA-2013:1829 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6AI score0.04399EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/12/13 12:0 a.m.68 views

CentOS 6 : nspr / nss / nss-util (CESA-2013:1829)

Updated nss, nspr, and nss-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

7.5CVSS7.6AI score0.04399EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2013/12/10 12:0 a.m.41 views

Scientific Linux Security Update : nss and nspr on SL5.x i386/x86_64 (20131205)

A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application. CVE-2013-5605 It was found that the fix for...

7.5CVSS7.5AI score0.04399EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2013/11/19 12:0 a.m.35 views

SuSE Update for Mozilla Firefox and others openSUSE-SU-2013:0631-1 (Mozilla Firefox and others)

Check for the Version of Mozilla Firefox and others OpenVAS Vulnerability Test $Id: gbsuse201306311.nasl 8448 2018-01-17 16:18:06Z teissa $ SuSE Update for Mozilla Firefox and others openSUSE-SU-2013:0631-1 Mozilla Firefox and others Authors: System Generated Check Copyright: Copyright C 2013...

10CVSS0.5AI score0.07953EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2013/11/19 12:0 a.m.26 views

SuSE Update for Mozilla Firefox and others openSUSE-SU-2013:0630-1 (Mozilla Firefox and others)

Check for the Version of Mozilla Firefox and others OpenVAS Vulnerability Test $Id: gbsuse201306301.nasl 8483 2018-01-22 06:58:04Z teissa $ SuSE Update for Mozilla Firefox and others openSUSE-SU-2013:0630-1 Mozilla Firefox and others Authors: System Generated Check Copyright: Copyright C 2013...

10CVSS0.5AI score0.07953EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2013/11/19 12:0 a.m.33 views

openSUSE: Security Advisory for Mozilla Firefox and others (openSUSE-SU-2013:0631-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.4AI score0.07953EPSS
Exploits1References1
Rows per page
Query Builder