CVSS: 9.3EPSS: 2%CPEs: 15EXPL: 0CVE-2016-2834 – nss: Multiple security flaws (MFSA 2016-61)
https://notcve.org/view.php?id=CVE-2016-2834
09 Jun 2016 — Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors. Mozilla Network Security Services (NSS) en versiones anteriores a3.23, tal como se utiliza en Mozilla Firefox en versiones anteriores a 47.0, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de aplicación) o posible... • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html •
CVSS: 8.8EPSS: 4%CPEs: 2EXPL: 0CVE-2016-1979 – nss: Use-after-free during processing of DER encoded keys in NSS (MFSA 2016-36)
https://notcve.org/view.php?id=CVE-2016-1979
13 Mar 2016 — Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndReturnKey function in Mozilla Network Security Services (NSS) before 3.21.1, as used in Mozilla Firefox before 45.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted key data with DER encoding. Vulnerabilidad de uso después de liberación de memoria en la función PK11_ImportDERPrivateKeyInfoAndReturnKey en Mozilla Network Security Services (NSS) en versiones anteriores a 3.21.1, como s... • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html •
CVSS: 8.8EPSS: 0%CPEs: 33EXPL: 0CVE-2016-1950 – nss: Heap buffer overflow vulnerability in ASN1 certificate parsing (MFSA 2016-35)
https://notcve.org/view.php?id=CVE-2016-1950
09 Mar 2016 — Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate. El desbordamiento de buffer basado en memoria dinámica en Mozilla Network Security Services (NSS) en versiones anteriores a 3.19.2.3 y 3.20.x y 3.21.x en versiones anteriores a 3.21.1, tal y como se utiliza en Mozilla ... • http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •