22 matches found
GHSA-GVVW-8J96-8G5R MsQuic has a Remote Elevation of Privilege Vulnerability
Summary Improper input validation in Microsoft QUIC allows an unauthorized attacker to elevate privileges over a network. Details Improper Input Validation Integer Underflow Wrap or Wraparound when decoding ACK frame. Patches - Fix underflow in ACK frame parsing - 1e6e999b Impact An attacker who...
EUVD-2023-2731
Malicious code in bioql PyPI...
EUVD-2023-2837
Malicious code in bioql PyPI...
EUVD-2024-23466
Malicious code in bioql PyPI...
TencentOS Server 4: dotnet7.0 (TSSA-2024:0680)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0680 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
BIT-DOTNET-SDK-2024-26190 Microsoft QUIC Denial of Service Vulnerability
Microsoft QUIC Denial of Service Vulnerability...
Remote Denial of Service Vulnerability in Microsoft QUIC
Impact The MsQuic server will continue to leak memory until no more is available, resulting in a denial of service. Patches The following patch was made: - Fix Memory Leak from Multiple Decodes of TP - https://github.com/microsoft/msquic/commit/5d070d661c45979946615289e92bb6b822efe9e9 Workarounds...
GHSA-2X7M-GF85-3745 Remote Denial of Service Vulnerability in Microsoft QUIC
Impact The MsQuic server will continue to leak memory until no more is available, resulting in a denial of service. Patches The following patch was made: - Fix Memory Leak from Multiple Decodes of TP - https://github.com/microsoft/msquic/commit/5d070d661c45979946615289e92bb6b822efe9e9 Workarounds...
CVE-2024-26190
Microsoft QUIC Denial of Service Vulnerability...
Microsoft QUIC Security Vulnerability
Microsoft QUIC is a network transport protocol from Microsoft Corporation USA. A security vulnerability exists in Microsoft QUIC. An attacker could exploit this vulnerability to cause a denial of service on the system. The following products and versions are affected: .NET 8.0,Microsoft Visual...
BIT-DOTNET-2023-36435 Microsoft QUIC Denial of Service Vulnerability
Microsoft QUIC Denial of Service Vulnerability...
Denial Of Service (DoS)
Microsoft QUIC is vulnerable to Denial of Service DOS. The vulnerability is due to a memory leak in the QuicCryptoTlsReadExtensions function in cryptotls.c, which results in Denial of Service. An attacker can create multiple instances are present or multiple calls to the decode happen...
Microsoft QUIC Denial of Service Vulnerability
Microsoft QUIC is a network transport protocol from Microsoft. A denial of service vulnerability exists in Microsoft QUIC, which can be exploited by an attacker to cause a denial of service...
Improper Release of Memory Before Removing Last Reference ('Memory Leak')
Overview Affected versions of this package are vulnerable to Improper Release of Memory Before Removing Last Reference 'Memory Leak' in the QUIC transport parameters when multiple instances are present or multiple calls to the decode happen. An attacker can cause a denial of service when the MsQu...
CVE-2023-36435
Microsoft QUIC Denial of Service Vulnerability...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS resulting in a MsQuic server application or process crash. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users. Unlike other...
CVE-2023-36435 Microsoft QUIC Denial of Service Vulnerability
...
CVE-2023-36435 Microsoft QUIC Denial of Service Vulnerability
...
CVE-2023-38171 Microsoft QUIC Denial of Service Vulnerability
...
CVE-2023-38171 Microsoft QUIC Denial of Service Vulnerability
...