17 matches found
EUVD-2020-17645
Malware in sbrugna...
EUVD-2025-4633
Malicious code in bioql PyPI...
CVE-2020-24944
picoquic before 3rd of July 2020 allows attackers to cause a denial of service infinite loop via a crafted QUIC frame, related to the picoquicdecodeframes and picoquicdecodestreamframe functions and epoch==3...
CVE-2025-24946
The hash table used to manage connections in picoquic before b80fd3f uses a weak hash function, allowing remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...
CVE-2025-24946
The hash table used to manage connections in picoquic before b80fd3f uses a weak hash function, allowing remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...
CVE-2025-24946
The hash table used to manage connections in picoquic before b80fd3f uses a weak hash function, allowing remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...
CVE-2025-24946
The hash table used to manage connections in picoquic before b80fd3f uses a weak hash function, allowing remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...
PT-2025-7548 · Picoquic · Picoquic
Name of the Vulnerable Software and Affected Versions: picoquic versions before b80fd3f Description: The hash table used to manage connections in picoquic uses a weak hash function, allowing remote attackers to cause a considerable CPU load on the server by initiating connections with colliding...
picoquic 安全漏洞
picoquic is a minimal implementation of the QUIC protocol open-sourced by Private Octopus. A security vulnerability exists in picoquic that stems from the use of a weak hash function in the hash table used to manage connections. A remote attacker exploiting this vulnerability could cause...
CVE-2025-24946
The vulnerability (CVE-2025-24946) affects picoquic’s connection hash table, which uses a weak hash function. An attacker could cause high CPU load by opening connections with colliding Source Connection IDs (SCIDs), enabling a Hash DoS condition. The field notes indicate the issue exists in vers...
CVE-2025-24946
The hash table used to manage connections in picoquic before b80fd3f uses a weak hash function, allowing remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...
CVE-2020-24944
picoquic before 3rd of July 2020 allows attackers to cause a denial of service infinite loop via a crafted QUIC frame, related to the picoquicdecodeframes and picoquicdecodestreamframe functions and epoch==3...
CVE-2020-24944
picoquic before 3rd of July 2020 allows attackers to cause a denial of service infinite loop via a crafted QUIC frame, related to the picoquicdecodeframes and picoquicdecodestreamframe functions and epoch==3...
Design/Logic Flaw
picoquic before 3rd of July 2020 allows attackers to cause a denial of service infinite loop via a crafted QUIC frame, related to the picoquicdecodeframes and picoquicdecodestreamframe functions and epoch==3...
CVE-2020-24944
Picoquic (before 2020-07-03) contains a denial-of-service vulnerability where a crafted QUIC frame triggers an infinite loop. The issue is tied to the decode logic in picoquic_decode_frames and picoquic_decode_stream_frame when epoch==3. The confirmed impact is partial availability (per CVSSv2/v3...
CVE-2020-24944
picoquic before 3rd of July 2020 allows attackers to cause a denial of service infinite loop via a crafted QUIC frame, related to the picoquicdecodeframes and picoquicdecodestreamframe functions and epoch==3...
Private Octopus picoquic Input Validation Error Vulnerability
Private Octopus picoquic is a management system of the Private Octopus organization in the United States. Provides feedback on the development of the QUIC standard in the IETF QUIC WG. An input validation error vulnerability exists in Private Octopus picoquic, which stems from allowing an attacke...