Lucene search
+L

7 matches found

EUVD
EUVD
added yesterday8 views

EUVD-2024-55678

SurrealDB before 1.5.5 and 2.0.0-beta before 2.0.0-beta.3 accepts an arbitrary object in the signin and signup operations of the RPC API without recursively validating it for non-computed values. When a record access method defines a SIGNIN or SIGNUP query and the RPC API is exposed to untrusted...

8.8CVSS5.5AI score
Exploits0References2
CVE
CVE
added yesterday10 views

CVE-2024-58362

SurrealDB vulnerability CVE-2024-58362 affects prior releases (before 1.5.5 and 2.0.0-beta before 2.0.0-beta.3) where an arbitrary object can be accepted in signin/signup via the RPC API without recursive validation for non-computed values. An unauthenticated attacker could encode a binary object...

8.8CVSS5.5AI score
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/12/16 12:0 p.m.9 views

Cryptonic (>=0.1.0 <=0.1.2), IMAPServer (=0.1.0) +6348 more potentially affected by unknown CVE via bincode (>=0.0.1 <=3.0.0)

bincode CARGO version =0.0.1, =0.1.0, =0.19.0, =0.4.1, =0.1.0, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0141...

5.7AI score
Exploits0
OSV
OSV
added 2025/12/16 12:0 p.m.29 views

RUSTSEC-2025-0141 Bincode is unmaintained

Due to a doxxing and harassment incident, the bincode team has taken the decision to cease development permanently. The team considers version 1.3.3 a complete version of bincode that is not in need of any updates. Alternatives to consider wincode postcard bitcode rkyv...

6.8AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2024/09/11 7:20 p.m.18 views

Untrusted Query Object Evaluation in RPC API

During the sign in and sign up operations through the SurrealDB RPC API, an arbitrary object would be accepted in order to support a wide array of types and structures that could contain user credentials. This arbitrary object could potentially contain any SurrealDB value, including an object...

7.2AI score
Exploits0References7Affected Software2
OSV
OSV
added 2024/09/11 7:20 p.m.29 views

GHSA-64F8-PJGR-9WMR Untrusted Query Object Evaluation in RPC API

During the sign in and sign up operations through the SurrealDB RPC API, an arbitrary object would be accepted in order to support a wide array of types and structures that could contain user credentials. This arbitrary object could potentially contain any SurrealDB value, including an object...

8.8CVSS7.2AI score
Exploits0References7
vulnersOsv
vulnersOsv
added 2022/06/17 12:18 a.m.4 views

bencode (>=0.1.1 <=0.1.8), bincode (>=0.0.3 <=0.0.9) +49 more potentially affected by unknown CVE via rustc-serialize (>=0.1.5 <=0.3.22)

rustc-serialize CARGO version =0.1.5, =0.1.1, =0.0.3, =0.1.12, =0.1.2, =0.5.3, =0.5.2, =0.5.1, =0.1.4, =0.1.8, =0.6.41, =0.6.42 - docoptmacros =0.6.42 - email =0.0.9 - envelope =0.1.2 and more Source cves: unknown CVE Source advisory: OSV:GHSA-2226-4V3C-CFF8...

5.8AI score
Exploits0
Rows per page
Query Builder