Lucene search
+L

324 matches found

Debian CVE
Debian CVE
added 2023/06/02 12:0 a.m.78 views

CVE-2023-0767

An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

8.8CVSS7.8AI score0.00817EPSS
Exploits0
CVE
CVE
added 2023/06/02 12:0 a.m.1437 views

CVE-2023-0767

CVE-2023-0767 describes a vulnerability where an attacker could construct a PKCS#12 cert bundle in a way that mishandles Safe Bag attributes, enabling arbitrary memory writes. Affected software: Firefox < 110, Thunderbird < 102.8, and Firefox ESR

8.8CVSS8.1AI score0.00817EPSS
Exploits0References6Affected Software3
AlpineLinux
AlpineLinux
added 2023/06/02 12:0 a.m.25 views

CVE-2023-0767

An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

8.8CVSS8.5AI score0.00817EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/05/30 12:0 a.m.31 views

GLSA-202305-36 : Mozilla Thunderbird: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202305-36 Mozilla Thunderbird: Multiple Vulnerabilities - matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can temporarily...

8.8CVSS7.8AI score0.01185EPSS
Exploits2References38
CNNVD
CNNVD
added 2023/05/09 12:0 a.m.8 views

UNISOC Chipsets 安全漏洞

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in the UNISOC Chipsets soter service module, which stems from a lack of boundary checking, resulting in out-of-bounds writes...

4.4CVSS5.1AI score0.00096EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/05/09 12:0 a.m.7 views

UNISOC Chipsets 缓冲区错误漏洞

UNISOC Chipsets is a chipset from China's Unisplendour UNISOC. A security vulnerability exists in the UNISOC Chipsets spipe drive module, which stems from a lack of boundary checking, leading to out-of-bounds writes...

4.4CVSS5.1AI score0.00096EPSS
Exploits0References3
OSV
OSV
added 2023/05/08 8:15 p.m.5 views

CVE-2023-27968

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory...

7.1CVSS7.3AI score0.00258EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/05/08 12:0 a.m.2 views

Linux kernel 资源管理错误漏洞

The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that stems from mishandling of anonymous sets and post-release reuse in Netfilter nftables when processing batch requests, which can be abused to...

7.8CVSS6.8AI score0.12966EPSS
Exploits7References33
Tenable Nessus
Tenable Nessus
added 2023/05/04 12:0 a.m.21 views

Amazon Linux AMI : nss (ALAS-2023-1736)

The version of nss installed on the remote host is prior to 3.53.1-7.88. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1736 advisory. firefox-esr , thunderbird and nss only are affected by this package. CVE-2023-0767 Tenable has extracted the preceding description...

8.8CVSS7.7AI score0.00817EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/05/02 12:0 a.m.37 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.6.2.5)

The version of AOS installed on the remote host is prior to 6.6.2.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.6.2.5 advisory. - zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header...

9.8CVSS8.3AI score0.59501EPSS
Exploits1References4
OSV
OSV
added 2023/04/12 8:41 p.m.6 views

CLSA-2023-1681328662 Fix CVE(s): CVE-2023-0767

SECURITY UPDATE: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled - debian/patches/CVE-2023-0767.patch: improve handling of unknown PKCS12 safe bag types - CVE-2023-0767...

8.8CVSS7.3AI score0.00817EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/04/06 12:0 a.m.42 views

Oracle Linux 6 : nss (ELSA-2023-12238)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12238 advisory. - Back port nss security update CVE-2023-0767 Orabug: 35205543 - Fix CVE-2021-43527 Orabug: 33627334 - Backport upstream fix for CVE-2018-12384 - Resolves: Bug...

9.8CVSS7.7AI score0.87264EPSS
Exploits19References2
Tenable Nessus
Tenable Nessus
added 2023/03/28 12:0 a.m.35 views

CBL Mariner 2.0 Security Update: libxslt / libxml2 (CVE-2022-29824)

The version of libxslt / libxml2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-29824 advisory. - In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer...

6.5CVSS7.4AI score0.0363EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2023/03/28 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2023-0056)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.8AI score0.00817EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2023/03/27 3:14 p.m.6 views

nss: Arbitrary memory write via PKCS 12

The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled...

8.8CVSS7.4AI score0.00817EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/03/23 11:32 a.m.6 views

nss: Arbitrary memory write via PKCS 12

The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled...

8.8CVSS7.4AI score0.00817EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/03/23 12:0 a.m.23 views

RHEL 9 : nss (RHSA-2023:1368)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1368 advisory. Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server...

8.8CVSS7.7AI score0.00817EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/03/23 12:0 a.m.20 views

RHEL 8 : nss (RHSA-2023:1406)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1406 advisory. Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server...

8.8CVSS7.7AI score0.00817EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/03/23 12:0 a.m.24 views

RHEL 9 : nss (RHSA-2023:1365)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1365 advisory. Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server...

8.8CVSS7.7AI score0.00817EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/03/22 12:0 a.m.172 views

CentOS 7 : nss (RHSA-2023:1332)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1332 advisory. - An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled...

8.8CVSS7.8AI score0.00817EPSS
Exploits0References2
Rows per page
Query Builder