EUVD-2025-14177
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-15407
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Out-of-bounds Write in the QUIC networking stack in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to gain code execution via a malicious server...
quic-go Has Panic in Path Probe Loss Recovery Handling
Impact: The loss recovery logic for path probe packets that was added in the v0.50.0 release can be used to trigger a nil-pointer dereference by a malicious QUIC client. In order to do so, the attacker first sends valid QUIC packets from different remote addresses, thereby triggering the newly adde...
GHSA-C86P-W88R-QVQR Duplicate Advisory: ring has some AES functions that may panic when overflow checking is enabled in
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-4p46-pwfr-66x6. This link is maintained to preserve external references. Original Description: A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC...
quic-go Data Forgery Vulnerability
quic-go is an implementation of the QUIC protocol (RFC 9000) in Go by Lucas Clemente, an individual developer. A data forgery vulnerability exists in versions of quic-go prior to v0.48.1; it stems from the mishandling of ICMP Packet Too Large messages and could allow an out-of-path...
quic-go Security Vulnerability
quic-go is an implementation of the QUIC protocol (RFC 9000) in Go by Lucas Clemente, an individual developer. A security vulnerability exists in versions of quic-go prior to 0.42.0. An attacker exploiting this vulnerability could send a large number of NEW_CONNECTION_ID frames to obsolete...