Siemens: >> Ruggedcom Rox Rx1511 Firmware Security Vulnerabilities
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.
CVSS Score
9.8
EPSS Score
0.005
Published
2020-10-22
In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-10-22
When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
CVSS Score
8.8
EPSS Score
0.006
Published
2020-01-08
Page 3