Lucene search
K

25 matches found

OSV
OSV
added 2026/06/04 7:16 p.m.5 views

UBUNTU-CVE-2026-40898

quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.59.1, an attacker can cause excessive memory allocation in quic-go's HTTP/3 client and server implementations by sending a QPACK-encoded HEADERS frame that decodes into a large trailer field section with many unique field...

7.5CVSS5.3AI score0.00279EPSS
Exploits0References3
NVD
NVD
added 2026/05/20 8:16 p.m.12 views

CVE-2026-9114

Use after free in QUIC in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: High...

8.8CVSS0.00365EPSS
Exploits0References2
Fedora
Fedora
added 2026/04/28 1:35 a.m.8 views

[SECURITY] Fedora 44 Update: ngtcp2-1.22.1-1.fc44

"Call it TCP/2. One More Time." ngtcp2 project is an effort to implement RFC9000 QUIC protocol...

7.5CVSS5.2AI score0.00776EPSS
Exploits1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2000-0729

Malware in sbrugna...

5CVSS6.4AI score0.02539EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2019-3384

Malware in sbrugna...

9.8CVSS9.2AI score0.01707EPSS
Exploits0References12
OSV
OSV
added 2024/05/29 4:15 p.m.2 views

DEBIAN-CVE-2024-34161

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit MTU of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously freed memory...

5.3CVSS6.5AI score0.00867EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/12/12 5:29 p.m.7 views

golang: crypto/tls: panic when processing post-handshake message on QUIC connections

A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic...

7.5CVSS7.3AI score0.01146EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2023/11/14 4:4 p.m.3 views

golang: crypto/tls: panic when processing post-handshake message on QUIC connections

A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic...

7.5CVSS7.3AI score0.01146EPSS
Exploits0References8
NVD
NVD
added 2021/04/22 8:15 p.m.12 views

CVE-2021-0254

A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unauthenticated remote attacker to send specially crafted packets to the device, triggering a partial Denial of Service DoS condition, or leading to remote code execution RCE. Continued receip...

9.8CVSS0.02566EPSS
Exploits0References1
Veracode
Veracode
added 2020/09/21 6:25 a.m.22 views

Arbitrary Code Execution

firefox is vulnerable to arbitrary code execution. The vulnerability exists as necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances...

9.8CVSS4.2AI score0.01707EPSS
Exploits0References7Affected Software2
Tenable Nessus
Tenable Nessus
added 2020/07/21 12:0 a.m.22 views

openSUSE Security Update : mumble (openSUSE-2020-1016)

This update for mumble fixes the following issues : mumble was updated 1.3.2 : - client: Fixed overlay not starting Update to upstream version 1.3.1 - Security - Fixed: Potential exploit in the OCB2 encryption 4227 boo1174041 - ICE - Fixed: Added missing UserKDFIterations field to UserInfo =...

5.7AI score
Exploits0References1
OSV
OSV
added 2019/07/23 2:15 p.m.2 views

CVE-2019-11714

Necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances. This vulnerability affects Firefox 68...

9.8CVSS7.3AI score0.01707EPSS
Exploits0References7
NVD
NVD
added 2019/07/23 2:15 p.m.13 views

CVE-2019-11714

Necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances. This vulnerability affects Firefox 68...

9.8CVSS8.9AI score0.01707EPSS
Exploits0References7
CVE
CVE
added 2019/07/23 1:18 p.m.268 views

CVE-2019-11714

CVE-2019-11714 affects Mozilla Firefox up to version 68.x due to a Necko/UDP threading issue where Necko can access a child on the wrong thread, causing a potentially exploitable crash. Public disclosures in multiple feeds confirm the flaw lies in memory/thread handling within the browser’s netwo...

9.8CVSS8.8AI score0.01707EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2019/07/23 1:18 p.m.25 views

CVE-2019-11714

Necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances. This vulnerability affects Firefox 68...

8.9AI score0.01707EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2019/07/23 1:18 p.m.23 views

CVE-2019-11714

Necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances. This vulnerability affects Firefox 68...

9.8CVSS9.7AI score0.01707EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2019/07/11 12:0 a.m.37 views

CVE-2019-11714

Necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances. This vulnerability affects Firefox 68...

9.8CVSS7.2AI score0.01707EPSS
Exploits0References3
Mozilla
Mozilla
added 2019/07/09 12:0 a.m.149 views

Security vulnerabilities fixed in Firefox 68 — Mozilla

As part of his winning Pwn2Own entry, Niklas Baumstark demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. When an inner window is reused, it does not consider the use of document.domain for cross-origin...

9.8CVSS9.1AI score0.02794EPSS
Exploits1References25Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/01/08 12:0 a.m.34 views

RHEL 6 / 7 : rpcbind (RHSA-2016:0005)

Updated rpcbind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

7.5CVSS7.4AI score0.06408EPSS
Exploits0References3
ICS
ICS
added 2014/01/20 12:0 p.m.11 views

Mariposa Botnet

Overview ICS-CERT has received reports and investigated infections of the MariposaDefence Intelligence, http://defintel.com/docs/MariposaAnalysis.pdf, website last accessed March 15, 2010. botnet, which have affected the business networks of multiple control system owners in recent months. ICS-CE...

7.3AI score
Exploits0References17
Rows per page
Query Builder