324 matches found
EUVD-2024-0395
Malicious code in bioql PyPI...
EUVD-2022-2245
Malicious code in bioql PyPI...
EUVD-2022-6183
Malicious code in bioql PyPI...
EUVD-2022-7668
Malicious code in bioql PyPI...
EUVD-2022-7133
Malicious code in bioql PyPI...
GO-2025-3970 DragonFly vulnerable to panics due to nil pointer dereference when using variables created alongside an error in d7y.io/dragonfly
DragonFly vulnerable to panics due to nil pointer dereference when using variables created alongside an error in d7y.io/dragonfly...
DragonFly vulnerable to panics due to nil pointer dereference when using variables created alongside an error
Impact We found two instances in the DragonFly codebase where the first return value of a function is dereferenced even when the function returns an error figures 9.1 and 9.2. This can result in a nil dereference, and cause code to panic. The codebase may contain additional instances of the bug...
GHSA-4MHV-8RH3-4GHW DragonFly vulnerable to panics due to nil pointer dereference when using variables created alongside an error
Impact We found two instances in the DragonFly codebase where the first return value of a function is dereferenced even when the function returns an error figures 9.1 and 9.2. This can result in a nil dereference, and cause code to panic. The codebase may contain additional instances of the bug...
CVE-2025-59351 Dragonfly possibly panics due to nil pointer dereference when using variables created alongside an error
Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the first return value of a function is dereferenced even when the function returns an error. This can result in a nil dereference, and cause code to panic. This vulnerability is fixed in 2.1.0...
CVE-2025-59351 Dragonfly possibly panics due to nil pointer dereference when using variables created alongside an error
Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the first return value of a function is dereferenced even when the function returns an error. This can result in a nil dereference, and cause code to panic. This vulnerability is fixed in 2.1.0...
DragonFly vulnerable to panics due to nil pointer dereference when using variables created alongside an error
We found two instances in the DragonFly codebase where the first return value of a function is dereferenced even when the function returns an error figures 9.1 and 9.2. This can result in a nil dereference, and cause code to panic. The codebase may contain additional instances of the bug. golang...
Linux Distros Unpatched Vulnerability : CVE-2023-46239
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - quic-go is an implementation of the QUIC protocol in Go. Starting in version 0.37.0 and prior to version 0.37.3, by serializing an ACK frame after the CRYTPO th...
Linux Distros Unpatched Vulnerability : CVE-2025-29785
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - quic-go is an implementation of the QUIC protocol in Go. The loss recovery logic for path probe packets that was added in the v0.50.0 release can be used to...
Linux Distros Unpatched Vulnerability : CVE-2020-7711
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This affects all versions of package github.com/russellhaering/goxmldsig. There is a crash on nil-pointer dereference caused by sending malformed XML signatures...
CVE-2025-8402 Nil pointer dereference in bulk import crashes server
Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.10.x = 10.10.0, 10.9.x = 10.9.3 fail to validate import data which allows a system admin to crash the server via the bulk import feature...
CVE-2025-8402 Nil pointer dereference in bulk import crashes server
Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.10.x = 10.10.0, 10.9.x = 10.9.3 fail to validate import data which allows a system admin to crash the server via the bulk import feature...
Linux Distros Unpatched Vulnerability : CVE-2020-29652
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial o...
Null Pointer Dereference
github.com/quic-go/quic-go is vulnerable to a Nil-Pointer Dereference. The vulnerability is due to improper handling of ACKs for path probe packets, where they are crafted and sent by a malicious client in a way that triggers the nil-pointer dereference in the server's loss recovery logic, It...
quic-go Has Panic in Path Probe Loss Recovery Handling
Impact The loss recovery logic for path probe packets that was added in the v0.50.0 release can be used to trigger a nil-pointer dereference by a malicious QUIC client. In order to do so, the attacker first sends valid QUIC packets from different remote addresses thereby triggering the newly adde...
GHSA-J972-J939-P2V3 quic-go Has Panic in Path Probe Loss Recovery Handling
Impact The loss recovery logic for path probe packets that was added in the v0.50.0 release can be used to trigger a nil-pointer dereference by a malicious QUIC client. In order to do so, the attacker first sends valid QUIC packets from different remote addresses thereby triggering the newly adde...