Lucene search
K

89 matches found

Amazon
Amazon
added 2016/05/18 12:0 a.m.48 views

Medium: nspr, nss-util, nss, nss-softokn

Issue Overview: A use-after-free flaw was found in the way NSS handled DHE DiffieHellman key exchange and ECDHE Elliptic Curve Diffie-Hellman key exchange handshake messages. A remote attacker could send a specially crafted handshake message that, when parsed by an application linked against NSS,...

8.8CVSS9.3AI score0.02386EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/04/27 12:0 a.m.37 views

Oracle Linux 7 : nss, / nspr, / nss-softokn, / and / nss-util (ELSA-2016-0685)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0685 advisory. - Pick up upstream freebl patch for CVE-2015-2730 Tenable has extracted the preceding description block directly from the Oracle Linux security advisor...

8.8CVSS7.4AI score0.03594EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/04/27 12:0 a.m.65 views

CentOS 7 : nspr / nss / nss-softokn / nss-util (CESA-2016:0685)

An update for nss, nspr, nss-softokn, and nss-util is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

8.8CVSS8.4AI score0.02386EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2016/04/27 12:0 a.m.37 views

Scientific Linux Security Update : nss and nspr on SL5.x i386/x86_64 (20160425)

The following packages have been upgraded to a newer upstream version: nss 3.21.0, nspr 4.11.0. Security Fixes : - A use-after-free flaw was found in the way NSS handled DHE Diffie- Hellman key exchange and ECDHE Elliptic Curve Diffie-Hellman key exchange handshake messages. A remote attacker cou...

8.8CVSS8.5AI score0.02386EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/04/27 12:0 a.m.45 views

RHEL 7 : nss, nspr, nss-softokn, and nss-util (RHSA-2016:0685)

An update for nss, nspr, nss-softokn, and nss-util is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

8.8CVSS8.4AI score0.02386EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2016/04/26 12:0 a.m.27 views

CentOS Update for nspr CESA-2016:0684 centos5

Check the version of nspr SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882474";...

8.8CVSS7.7AI score0.02386EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/04/26 12:0 a.m.21 views

RedHat Update for nss and nspr RHSA-2016:0684-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.7AI score0.02386EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/04/11 12:0 a.m.32 views

CentOS Update for nss CESA-2016:0591 centos6

Check the version of nss SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882449";...

8.8CVSS7.7AI score0.02386EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/04/11 12:0 a.m.32 views

CentOS Update for nspr CESA-2016:0591 centos6

Check the version of nspr SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882446";...

8.8CVSS7.7AI score0.02386EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/04/07 12:0 a.m.30 views

Scientific Linux Security Update : nss, nss-util, and nspr on SL6.x i386/x86_64 (20160405)

The following packages have been upgraded to a newer upstream version: nss 3.21.0, nss-util 3.21.0, nspr 4.11.0. Security Fixes : - A use-after-free flaw was found in the way NSS handled DHE Diffie- Hellman key exchange and ECDHE Elliptic Curve Diffie-Hellman key exchange handshake messages. A...

8.8CVSS8.5AI score0.02386EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2016/04/06 12:0 a.m.24 views

RedHat Update for nss, nss-util, and nspr RHSA-2016:0591-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.7AI score0.02386EPSS
Exploits0References2
NVD
NVD
added 2016/03/13 6:59 p.m.23 views

CVE-2016-1978

Use-after-free vulnerability in the ssl3HandleECDHServerKeyExchange function in Mozilla Network Security Services NSS before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL 1 DHE or 2 ECD...

7.5CVSS8.2AI score0.02386EPSS
Exploits0References20
Debian CVE
Debian CVE
added 2016/03/13 6:0 p.m.40 views

CVE-2016-1978

Use-after-free vulnerability in the ssl3HandleECDHServerKeyExchange function in Mozilla Network Security Services NSS before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL 1 DHE or 2 ECD...

7.5CVSS8.6AI score0.02386EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2016/03/13 12:0 a.m.31 views

CVE-2016-1978

Use-after-free vulnerability in the ssl3HandleECDHServerKeyExchange function in Mozilla Network Security Services NSS before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL 1 DHE or 2 ECD...

7.5CVSS7.2AI score0.02386EPSS
Exploits0References3
Mozilla
Mozilla
added 2016/01/26 12:0 a.m.55 views

Use-after-free in NSS during SSL connections in low memory — Mozilla

Mozilla developer Eric Rescorla reported that a failed allocation during DHE and ECDHE handshakes would lead to a use-after-free vulnerability...

7.5CVSS1.5AI score0.02386EPSS
Exploits0References2Affected Software3
FreeBSD
FreeBSD
added 2016/01/26 12:0 a.m.30 views

NSS -- multiple vulnerabilities

Mozilla Foundation reports: Security researcher Hanno Böck reported that calculations with mpdiv and mpexptmod in Network Security Services NSS can produce wrong results in some circumstances. These functions are used within NSS for a variety of cryptographic division functions, leading to...

0.5AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/11/03 12:0 a.m.48 views

SUSE SLES12 Security Update : apache2 (SUSE-SU-2015:1851-1) (Logjam)

The Apache2 webserver was updated to fix several issues : Security issues fixed : - The chunked transfer coding implementation in the Apache HTTP Server did not properly parse chunk headers, which allowed remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to...

5CVSS7.2AI score0.9986EPSS
Exploits1References22
Tenable Nessus
Tenable Nessus
added 2015/08/26 12:0 a.m.37 views

CentOS 5 : nss (CESA-2015:1664)

Updated nss packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

4.3CVSS7.3AI score0.03594EPSS
Exploits1References3
Cent OS
Cent OS
added 2015/08/24 6:12 p.m.68 views

nss security update

CentOS Errata and Security Advisory CESA-2015:1664 Updated nss packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerabilit...

4.3CVSS6.1AI score0.03594EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2015/08/24 3:38 p.m.54 views

Moderate: Red Hat Security Advisory: nss security, bug fix, and enhancement update

Updated nss packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

4.3CVSS6.1AI score0.03594EPSS
Exploits1References5
Rows per page
Query Builder