Download
| Alert*
oval:org.secpod.oval:def:201608
Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. It was found that a Certificate Authority issued ... oval:org.secpod.oval:def:201645 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. It was found that a Certificate Authority issued ... oval:org.secpod.oval:def:500167 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. It was found that a Certificate Authority issued ... oval:org.secpod.oval:def:500961 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. It was found that a Certificate Authority mis-is ... oval:org.secpod.oval:def:500959 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. It was found that a Certificate Authority mis-is ... oval:org.secpod.oval:def:1503888 Updated nss, nss-util, and nspr packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Description Network Security Services is a ... oval:org.secpod.oval:def:1503179 Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. Description Network Security Services is a set of libraries designed to support the development ... oval:org.secpod.oval:def:500819 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. It was found that a Certificate Authority issued ... oval:org.secpod.oval:def:500228 Network Security Services is a set of libraries designed to support the development of security-enabled client and server applications. It was found that the Malaysia-based Digicert Sdn. Bhd. subordinate Certificate Authority issued HTTPS certificates with weak keys. This update renders any HTTPS ... oval:org.secpod.oval:def:201771 Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ... oval:org.secpod.oval:def:500426 Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ... oval:org.secpod.oval:def:201834 Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ... oval:org.secpod.oval:def:106153 NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management and shared library linking. oval:org.secpod.oval:def:109656 NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management and shared library linking. oval:org.secpod.oval:def:109705 NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management and shared library linking. oval:org.secpod.oval:def:109927 NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management and shared library linking. oval:org.secpod.oval:def:117273 NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management and shared library linking. oval:org.secpod.oval:def:117350 NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management and shared library linking. oval:org.secpod.oval:def:202396 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way the ASN.1 decoder in ... oval:org.secpod.oval:def:203114 nspr is installed oval:org.secpod.oval:def:202542 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. It was found that a Certificate Authority mis-is ... oval:org.secpod.oval:def:1500038 Updated nss, nss-util, and nspr packages that fix one security issue,various bugs, and add enhancements are now available for Red HatEnterprise Linux 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. Network Security Services is a set of libraries design ... oval:org.secpod.oval:def:66565 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a la ... oval:org.secpod.oval:def:503837 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a la ... oval:org.secpod.oval:def:202397 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way the ASN.1 decoder in ... oval:org.secpod.oval:def:202538 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. It was found that a Certificate Authority mis-is ... oval:org.secpod.oval:def:202369 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. It was found that a Certificate Authority issued ... oval:org.secpod.oval:def:2500469 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. oval:org.secpod.oval:def:500847 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way the ASN.1 decoder in ... oval:org.secpod.oval:def:500848 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way the ASN.1 decoder in ... oval:org.secpod.oval:def:1503777 Updated nss, nss-util, and nspr packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base ... oval:org.secpod.oval:def:202908 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. nss-softokn provides an NSS softoken cryptographi ... oval:org.secpod.oval:def:1600325 It was discovered that NSS leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding orac ... oval:org.secpod.oval:def:501086 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. It was discovered that NSS leaked timing informat ... oval:org.secpod.oval:def:1500241 Updated nss, nss-util, nss-softokn, and nspr packages that fix two security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System b ... oval:org.secpod.oval:def:1500200 Updated nss and nspr packages that fix two security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give d ... oval:org.secpod.oval:def:202910 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. It was discovered that NSS leaked timing informat ... oval:org.secpod.oval:def:1500049 Updated nss and nspr packages that fix one security issue, various bugs,and add enhancements are now available for Red Hat Enterprise Linux 5.The Red Hat Security Response Team has rated this update as havingimportant security impact. Network Security Services is a set of libraries designed to supp ... oval:org.secpod.oval:def:501074 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. nss-softokn provides an NSS softoken cryptographi ... oval:org.secpod.oval:def:500630 Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. nspr provides the Netscape Portable Runtime . A flaw was found in the way Firefox handles form history. A malicious web page could steal saved form data by synthesizing input events, ca ... oval:org.secpod.oval:def:107075 NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management and shared library linking. oval:org.secpod.oval:def:107063 NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management and shared library linking. oval:org.secpod.oval:def:115090 NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management and shared library linking. oval:org.secpod.oval:def:115110 NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management and shared library linking. oval:org.secpod.oval:def:205272 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a la ... oval:org.secpod.oval:def:503254 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a la ... oval:org.secpod.oval:def:2500071 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. oval:org.secpod.oval:def:1600405 A use-after-free flaw was found in the way NSS handled DHE and ECDHE handshake messages. A remote attacker could send a specially crafted handshake message that, when parsed by an application linked against NSS, would cause that application to crash or, under certain special conditions, execute ar ... oval:org.secpod.oval:def:203762 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overf ... oval:org.secpod.oval:def:203760 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overf ... oval:org.secpod.oval:def:203766 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overf ... oval:org.secpod.oval:def:203920 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a ne ... oval:org.secpod.oval:def:501801 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services libraries. Netscape Portable Runtime provides platform independ ... oval:org.secpod.oval:def:1501212 Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. oval:org.secpod.oval:def:1501216 Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. oval:org.secpod.oval:def:501811 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a ne ... oval:org.secpod.oval:def:501810 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services libraries. Netscape Portable Runtime provides platform independ ... oval:org.secpod.oval:def:203915 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services libraries. Netscape Portable Runtime provides platform independ ... oval:org.secpod.oval:def:1501438 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way NSS verified certain ECDSA signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery ... oval:org.secpod.oval:def:1200002 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overf ... oval:org.secpod.oval:def:501671 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overf ... oval:org.secpod.oval:def:203894 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services libraries. Netscape Portable Runtime provides platform independ ... oval:org.secpod.oval:def:501672 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overf ... oval:org.secpod.oval:def:1501440 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way NSS verified certain ECDSA signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery ... oval:org.secpod.oval:def:1501206 Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. oval:org.secpod.oval:def:19500079 NSS up to and including 3.73 is vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using NSS for certificate validation or other TL ... oval:org.secpod.oval:def:501160 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS handled invalid h ... oval:org.secpod.oval:def:202991 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS handled invalid h ... oval:org.secpod.oval:def:1500326 Updated nss and nspr packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores ... oval:org.secpod.oval:def:1500329 Updated nss, nspr, and nss-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ... oval:org.secpod.oval:def:1600276 A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application. It was found that the fix for CVE-2013-1620 introduced a ... oval:org.secpod.oval:def:202980 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS handled invalid h ... oval:org.secpod.oval:def:501156 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS handled invalid h ... oval:org.secpod.oval:def:203364 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A race condition was found in the way NSS verifie ... oval:org.secpod.oval:def:1500643 Updated nss and nspr packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 7. The Red Hat Security Response Team has rated this update as having Critical security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is ... oval:org.secpod.oval:def:1600076 Mozilla Netscape Portable Runtime before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service via vectors involving the sprintf and console functions. oval:org.secpod.oval:def:1500654 Updated nss and nspr packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System base scores, ... oval:org.secpod.oval:def:501345 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A race condition was found in the way NSS verifie ... oval:org.secpod.oval:def:501346 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A race condition was found in the way NSS verifie ... oval:org.secpod.oval:def:203374 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A race condition was found in the way NSS verifie ... oval:org.secpod.oval:def:203378 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A race condition was found in the way NSS verifie ... oval:org.secpod.oval:def:1500633 A race condition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application. oval:org.secpod.oval:def:202193 Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. nspr provides the Netscape Portable Runtime . Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash o ... oval:org.secpod.oval:def:202113 Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. nspr provides the Netscape Portable Runtime . Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash o ... oval:org.secpod.oval:def:500684 Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. nspr provides the Netscape Portable Runtime . Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash o ... oval:org.secpod.oval:def:500498 Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing, calendar time, basic memory management , and shared library linking. Network Security Services i ... oval:org.secpod.oval:def:201732 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSLv2, SSLv3, TLS, and other security standards. Netscape Portable Runtime provides platform independence f ... oval:org.secpod.oval:def:201931 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSLv2, SSLv3, TLS, and other security standards. Netscape Portable Runtime provides platform independence f ... oval:org.secpod.oval:def:500332 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSLv2, SSLv3, TLS, and other security standards. Netscape Portable Runtime provides platform independence f ... oval:org.secpod.oval:def:507583 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: * nss: Arbitrary memory write via PKCS 12 Bug Fix: * In FIPS mode, nss should reject RSASSA-PSS salt lengths larger than the output s ... oval:org.secpod.oval:def:19500043 firefox-esr , thunderbird and nss only are affected by this package oval:org.secpod.oval:def:19500595 A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a pa ... oval:org.secpod.oval:def:1503056 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:509106 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: nss: timing attack against RSA decryption For more details about the security issue, including the impact, a CVSS score, acknowledgme ... oval:org.secpod.oval:def:509071 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: nss: vulnerable to Minerva side-channel information leak For more details about the security issue, including the impact, a CVSS scor ... oval:org.secpod.oval:def:19500577 It was discovered that the numerical library used in NSS for RSA cryptography leaks information whether high order bits of the RSA decryption result are zero. This information can be used to mount a Bleichenbacher or Manger like attack against all RSA decryption operations. As the leak happens befor ... |