Lucene search
+L

125 matches found

Tenable Nessus
Tenable Nessus
added 2022/04/18 12:0 a.m.31 views

EulerOS Virtualization 2.10.0 : nss (EulerOS-SA-2022-1407)

According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA o...

9.8CVSS7.2AI score0.17563EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/03/02 12:0 a.m.19 views

EulerOS 2.0 SP9 : nss (EulerOS-SA-2022-1294)

According to the versions of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS...

9.8CVSS7.3AI score0.17563EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/03/02 12:0 a.m.58 views

EulerOS 2.0 SP9 : nss (EulerOS-SA-2022-1310)

According to the versions of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS...

9.8CVSS7.3AI score0.17563EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/03/02 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2022-1310)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.9AI score0.17563EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/03/01 12:0 a.m.28 views

EulerOS 2.0 SP5 : nss (EulerOS-SA-2022-1278)

According to the versions of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS...

9.8CVSS7.3AI score0.17563EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.55 views

Rocky Linux 8 : nss (RLSA-2021:4903)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4903 advisory. - NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures...

9.8CVSS7.2AI score0.17563EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2021-0534)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.9AI score0.17563EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2022/01/19 8:0 a.m.7 views

In LibTomCrypt through 1.18.2 the der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) or read information from other memory locations via carefully crafted DER-encoded data.

...

9.1CVSS7.2AI score0.03195EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2021/12/17 8:0 a.m.8 views

NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS S/MIME PKCS \#7 or PKCS \#12 are likely to be impacted. Applications using NSS for certificate validation or other TLS X.509 OCSP or CRL functionality may be impacted depending on how they configure NSS. *Note: This vulnerability does NOT impact Mozilla Firefox.* However email clients and PDF viewers that use NSS for signature verification such as Thunderbird LibreOffice Evolution and Evince are believed to be impacted. This vulnerability affects NSS < 3.73 and NSS < 3.68.1.

...

9.8CVSS8.8AI score0.17563EPSS
Exploits0
OSV
OSV
added 2021/12/08 10:15 p.m.46 views

CVE-2021-43527

NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \7, or PKCS \12 are likely to be impacted. Applications using N...

9.8CVSS2.5AI score
Exploits0References9
NVD
NVD
added 2021/12/08 10:15 p.m.22 views

CVE-2021-43527

NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \7, or PKCS \12 are likely to be impacted. Applications using N...

9.8CVSS0.17563EPSS
Exploits0References9
Prion
Prion
added 2021/12/08 10:15 p.m.27 views

Heap overflow

NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \7, or PKCS \12 are likely to be impacted. Applications using N...

7.5CVSS9.6AI score0.17563EPSS
Exploits0References9Affected Software9
Cvelist
Cvelist
added 2021/12/08 12:0 a.m.24 views

CVE-2021-43527

NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \7, or PKCS \12 are likely to be impacted. Applications using N...

9.8AI score0.17563EPSS
Exploits0References9
AlpineLinux
AlpineLinux
added 2021/12/08 12:0 a.m.51 views

CVE-2021-43527

NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \7, or PKCS \12 are likely to be impacted. Applications using N...

9.8CVSS9.9AI score0.17563EPSS
Exploits0
CVE
CVE
added 2021/12/08 12:0 a.m.672 views

CVE-2021-43527

CVE-2021-43527 describes a heap overflow in NSS when handling DER-encoded DSA or RSA-PSS signatures. The vulnerability affects NSS versions prior to 3.73 (and 3.68.1 ESR for some configurations) and can impact applications using NSS for signatures in CMS, S/MIME, PKCS#7, or PKCS#12, as well as th...

9.8CVSS9.6AI score0.17563EPSS
Exploits0References9Affected Software2
Debian CVE
Debian CVE
added 2021/12/08 12:0 a.m.34 views

CVE-2021-43527

NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \7, or PKCS \12 are likely to be impacted. Applications using N...

9.8CVSS8.4AI score0.17563EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/12/08 12:0 a.m.21 views

OracleVM 3.4 : nss (OVMSA-2021-0040)

The remote OracleVM system is missing necessary patches to address security updates: - NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded...

9.8CVSS7.3AI score0.17563EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/12/07 12:0 a.m.55 views

SUSE SLED12: libfreebl3 / libfreebl3-32bit / libfreebl3-hmac / etc (SUSE-SU-2021:3939-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3939-1 advisory. Update to version 3.68.1: - CVE-2021-43527: Fixed a Heap overflow in NSS when verifying DER-encoded DSA or RSA-PSS signatures...

9.8CVSS7.2AI score0.17563EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/12/07 12:0 a.m.21 views

SUSE SLED15: libfreebl3 / libfreebl3-32bit / libfreebl3-hmac / etc (SUSE-SU-2021:3934-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3934-1 advisory. Update to version 3.68.1: - CVE-2021-43527: Fixed a Heap overflow in NSS when verifying DER-encoded DSA or RSA-PSS signatures...

9.8CVSS7.2AI score0.17563EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/12/07 12:0 a.m.21 views

SUSE SLES11: libfreebl3 / libfreebl3-32bit / libsoftokn3 / libsoftokn3-32bit / etc (SUSE-SU-2021:14858-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2021:14858-1 advisory. Update to version 3.68.1: - CVE-2021-43527: Fixed a Heap overflow in NSS when verifying DER-encoded DSA or RSA-PSS signatures bsc1193170. Tenable has...

9.8CVSS7AI score0.17563EPSS
Exploits0References4
Rows per page
Query Builder