25 matches found
UBUNTU-CVE-2026-40898
quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.59.1, an attacker can cause excessive memory allocation in quic-go's HTTP/3 client and server implementations by sending a QPACK-encoded HEADERS frame that decodes into a large trailer field section with many unique field...
CVE-2026-9114
Use after free in QUIC in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: High...
[SECURITY] Fedora 44 Update: ngtcp2-1.22.1-1.fc44
"Call it TCP/2. One More Time." ngtcp2 project is an effort to implement RFC9000 QUIC protocol...
EUVD-2000-0729
Malware in sbrugna...
EUVD-2019-3384
Malware in sbrugna...
DEBIAN-CVE-2024-34161
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit MTU of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously freed memory...
golang: crypto/tls: panic when processing post-handshake message on QUIC connections
A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic...
golang: crypto/tls: panic when processing post-handshake message on QUIC connections
A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic...
CVE-2021-0254
A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unauthenticated remote attacker to send specially crafted packets to the device, triggering a partial Denial of Service DoS condition, or leading to remote code execution RCE. Continued receip...
Arbitrary Code Execution
firefox is vulnerable to arbitrary code execution. The vulnerability exists as necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances...
openSUSE Security Update : mumble (openSUSE-2020-1016)
This update for mumble fixes the following issues : mumble was updated 1.3.2 : - client: Fixed overlay not starting Update to upstream version 1.3.1 - Security - Fixed: Potential exploit in the OCB2 encryption 4227 boo1174041 - ICE - Fixed: Added missing UserKDFIterations field to UserInfo =...
CVE-2019-11714
Necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances. This vulnerability affects Firefox 68...
CVE-2019-11714
Necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances. This vulnerability affects Firefox 68...
CVE-2019-11714
CVE-2019-11714 affects Mozilla Firefox up to version 68.x due to a Necko/UDP threading issue where Necko can access a child on the wrong thread, causing a potentially exploitable crash. Public disclosures in multiple feeds confirm the flaw lies in memory/thread handling within the browser’s netwo...
CVE-2019-11714
Necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances. This vulnerability affects Firefox 68...
CVE-2019-11714
Necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances. This vulnerability affects Firefox 68...
CVE-2019-11714
Necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances. This vulnerability affects Firefox 68...
Security vulnerabilities fixed in Firefox 68 — Mozilla
As part of his winning Pwn2Own entry, Niklas Baumstark demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. When an inner window is reused, it does not consider the use of document.domain for cross-origin...
RHEL 6 / 7 : rpcbind (RHSA-2016:0005)
Updated rpcbind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...
Mariposa Botnet
Overview ICS-CERT has received reports and investigated infections of the MariposaDefence Intelligence, http://defintel.com/docs/MariposaAnalysis.pdf, website last accessed March 15, 2010. botnet, which have affected the business networks of multiple control system owners in recent months. ICS-CE...