CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2014-1645

Malware in sbrugna...

7.5CVSS7.6AI score0.03635EPSS

Exploits4References23

ArchLinux•added 2014/12/16 12:0 a.m.•49 views

nss: signature forgery

The definitelengthdecoder function in lib/util/quickder.c in Mozilla Network Security Services NSS does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as...

7.5CVSS2.8AI score0.93538EPSS

Exploits9References5

OSV•added 2014/12/15 6:59 p.m.•7 views

CVE-2014-1569

The definitelengthdecoder function in lib/util/quickder.c in Mozilla Network Security Services NSS before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long...

3.8AI score

Exploits0References15

CVE•added 2014/12/15 5:27 p.m.•183 views

CVE-2014-1569

CVE-2014-1569 concerns Mozilla NSS where the definite_length_decoder did not properly validate the DER encoding length in ASN.1, enabling a remote attacker to perform data-smuggling via long encodings (e.g., 0x00) in the SEC_QuickDERDecodeItem path. Public advisories (e.g., Debian DSA-3186-1 and ...

7.5CVSS3.8AI score0.03635EPSS

Exploits4References15Affected Software1