Vulnerabilities > Mozilla > NSS > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-12-08 CVE-2021-43527 Out-of-bounds Write vulnerability in multiple products
NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures.
network
low complexity
mozilla netapp oracle starwindsoftware CWE-787
critical
9.8
2021-05-27 CVE-2020-12403 Out-of-bounds Read vulnerability in Mozilla NSS
A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55.
network
low complexity
mozilla CWE-125
critical
9.1