Lucene search
K

427 matches found

Code423n4
Code423n4
added 2022/08/27 12:0 a.m.8 views

Storage layout collision issue between NounsDAOStorageV1 and NounsDAOStorageV1Adjusted

Lines of code Vulnerability details Impact Since two new variables are added in the contract NounsDAOStorageV1Adjusted at the end of the struct proposal, the memory layout between the NounsDAOStorageV1 and NounsDAOStorageV1Adjusted is colluding. This affects the variable type and values in the...

6.7AI score
Exploits0
RustSec
RustSec
added 2022/08/26 12:0 p.m.18 views

`os_socketaddr` invalidly assumes the memory layout of std::net::SocketAddr

The ossocketaddr crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. These layout were changed into idiomatic rust...

2.4AI score
Exploits0Affected Software1
OSV
OSV
added 2022/08/26 12:0 p.m.13 views

RUSTSEC-2022-0052 `os_socketaddr` invalidly assumes the memory layout of std::net::SocketAddr

The ossocketaddr crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. These layout were changed into idiomatic rust...

7.1AI score
Exploits0References3
NVD
NVD
added 2022/07/06 4:15 p.m.24 views

CVE-2021-3695

A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited as an...

4.5CVSS0.00462EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/06/17 12:12 a.m.12 views

`mopa` is technically unsound

The mopa crate redefines the deprecated TraitObject struct from core::raw like so: rust reprC deriveCopy, Clone dochidden pub struct TraitObject pub data: mut , pub vtable: mut , This is done to then transmute a reference to a trait object &dyn Trait for any trait Trait into this struct and...

7.7AI score
Exploits0References3Affected Software1
OSV
OSV
added 2022/06/17 12:12 a.m.2 views

GHSA-8MV5-7X95-7WCF `mopa` is technically unsound

The mopa crate redefines the deprecated TraitObject struct from core::raw like so: rust reprC deriveCopy, Clone dochidden pub struct TraitObject pub data: mut , pub vtable: mut , This is done to then transmute a reference to a trait object &dyn Trait for any trait Trait into this struct and...

9.8CVSS6.4AI score0.01646EPSS
Exploits0References3
OSV
OSV
added 2022/05/24 5:37 p.m.15 views

GHSA-C79C-GWPH-GQFM `net2` invalidly assumes the memory layout of std::net::SocketAddr

The net2 crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...

5.5CVSS5.2AI score0.00398EPSS
Exploits2References4
Github Security Blog
Github Security Blog
added 2022/05/24 5:37 p.m.23 views

`net2` invalidly assumes the memory layout of std::net::SocketAddr

The net2 crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...

5.5CVSS6.9AI score0.00384EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/01/06 10:11 p.m.4 views

GHSA-2GXJ-QRP2-53JV Incorrect reliance on Trait memory layout in mopa

The mopa crate redefines the deprecated TraitObject struct from core::raw. This is done to then transmute a reference to a trait object &dyn Trait for any trait Trait into this struct and retrieve the data field for the purpose of downcasting. This is used to implement downcastrefunchecked, in...

9.8CVSS7.7AI score0.01646EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/01/06 10:11 p.m.28 views

Incorrect reliance on Trait memory layout in mopa

The mopa crate redefines the deprecated TraitObject struct from core::raw. This is done to then transmute a reference to a trait object &dyn Trait for any trait Trait into this struct and retrieve the data field for the purpose of downcasting. This is used to implement downcastrefunchecked, in...

9.8CVSS9.3AI score0.01646EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2021/12/27 12:15 a.m.10 views

CVE-2021-45695

An issue was discovered in the mopa crate through 2021-06-01 for Rust. It incorrectly relies on Trait memory layout, possibly leading to future occurrences of arbitrary code execution or ASLR bypass...

9.8CVSS6.3AI score0.01646EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/12/26 9:50 p.m.23 views

CVE-2021-45695

An issue was discovered in the mopa crate through 2021-06-01 for Rust. It incorrectly relies on Trait memory layout, possibly leading to future occurrences of arbitrary code execution or ASLR bypass...

10AI score0.01646EPSS
Exploits0References2
OSV
OSV
added 2021/09/08 3:15 p.m.1 views

CVE-2021-30656

An access issue was addressed with improved memory management. This issue is fixed in iOS 14.5 and iPadOS 14.5. A malicious application may be able to determine kernel memory layout...

5.5CVSS6.1AI score0.0086EPSS
Exploits0References1
NVD
NVD
added 2021/09/08 3:15 p.m.10 views

CVE-2021-30656

An access issue was addressed with improved memory management. This issue is fixed in iOS 14.5 and iPadOS 14.5. A malicious application may be able to determine kernel memory layout...

7.1CVSS0.0086EPSS
Exploits0References1
Prion
Prion
added 2021/09/08 3:15 p.m.18 views

Memory corruption

An access issue was addressed with improved memory management. This issue is fixed in iOS 14.5 and iPadOS 14.5. A malicious application may be able to determine kernel memory layout...

7.1CVSS5AI score0.0086EPSS
Exploits0References1Affected Software2
Github Security Blog
Github Security Blog
added 2021/08/25 9:0 p.m.13 views

Assumed memory layout of std::net::SocketAddr

The socket2 crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...

2.5AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2021/08/25 8:52 p.m.27 views

nb-connect invalidly assumes the memory layout of std::net::SocketAddr

The nb-connect crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about...

9.8CVSS8.9AI score0.01448EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2021/08/25 8:52 p.m.24 views

GHSA-RM4W-6696-R77P nb-connect invalidly assumes the memory layout of std::net::SocketAddr

The nb-connect crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about...

9.8CVSS9.4AI score0.01448EPSS
Exploits1References4
OSV
OSV
added 2021/08/25 8:52 p.m.14 views

GHSA-FHV4-FX3V-77W6 quinn invalidly assumes the memory layout of std::net::SocketAddr

The quinn crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...

7.5CVSS7.4AI score0.0125EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2021/08/25 8:52 p.m.31 views

quinn invalidly assumes the memory layout of std::net::SocketAddr

The quinn crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...

7.5CVSS7.3AI score0.0125EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder