Lucene search
K

238 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-25574

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve could result in denial of service e.g., an infinite...

7.5CVSS7.2AI score0.0244EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-4574

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In crossbeam-channel rust crate, the internal Channel type's Drop method has a race condition which could, in some circumstances, lead to a double-free that cou...

6.5CVSS6.6AI score0.00465EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-53605

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields ...

5.9CVSS5.8AI score0.0038EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-53161

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds array access and a panic. CVE-2023-53161 Note that Nessus relies on the presence of the...

5.3CVSS5.8AI score0.00332EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-58265

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The snow crate before 0.9.5 for Rust, when stateful TransportState is used, allows incrementing a nonce and thereby denying message delivery. CVE-2024-58265 Not...

4.3CVSS5.8AI score0.00387EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2021-26957

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because there is an out-of-bounds read in...

9.8CVSS8.1AI score0.01754EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2021-25900

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust. There is a heap-based buffer overflow in SmallVec::insertmany...

9.8CVSS7.5AI score0.01666EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-53158

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The gix-transport crate before 0.36.1 for Rust allows command execution via the gix clone 'ssh://-oProxyCommand=open$IFS substring. NOTE: this was discovered...

4.1CVSS6AI score0.00171EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-25001

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the serdecbor crate before 0.10.2 for Rust. The CBOR deserializer can cause stack consumption via nested semantic tags. CVE-2019-2500...

7.5CVSS7.1AI score0.0143EPSS
Exploits1References2
Amazon
Amazon
added 2025/08/08 12:0 a.m.7 views

Medium: rust

Issue Overview: The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input. CVE-2025-53605 Affected Packages: rust Issue Correction: Run dnf update rust --releasever...

5.9CVSS6.9AI score0.0038EPSS
Exploits0
RustSec
RustSec
added 2025/07/29 12:0 p.m.7 views

tsify-next is unmaintained, use tsify instead

The tsify-next crate is not maintained any more; use tsify instead...

7.1AI score
Exploits0
SUSE CVE
SUSE CVE
added 2025/07/28 11:36 p.m.5 views

SUSE CVE-2023-53160

The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic...

5.3CVSS7AI score0.00274EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/07/28 3:31 a.m.7 views

Duplicate Advisory: sequoia-openpgp vulnerable to out-of-bounds array access leading to panic

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-25mx-8f3v-8wh7. This link is maintained to preserve external references. Original Description The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic...

5.3CVSS7.1AI score0.00274EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2025/07/28 3:31 a.m.6 views

Duplicate Advisory: gix-transport code execution vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-rrjw-j4m2-mf34. This link is maintained to preserve external references. Original Description The gix-transport crate before 0.36.1 for Rust allows command execution via the "gix clone...

6.4AI score
Exploits0References6Affected Software1
OSV
OSV
added 2025/07/28 3:15 a.m.5 views

UBUNTU-CVE-2023-53160

The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic...

5.3CVSS5.8AI score0.00274EPSS
Exploits0References6
OSV
OSV
added 2025/07/28 2:15 a.m.4 views

UBUNTU-CVE-2022-50237

The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key...

5.9CVSS5.8AI score0.00183EPSS
Exploits0References5
NVD
NVD
added 2025/07/28 12:15 a.m.6 views

CVE-2023-53157

The rosenpass crate before 0.2.1 for Rust allows remote attackers to cause a denial of service panic via a one-byte UDP packet...

7.5CVSS0.00507EPSS
Exploits0References4
CVE
CVE
added 2025/07/28 12:0 a.m.18 views

CVE-2023-53158

CVE-2023-53158 affects the Rust crate gix-transport (before 0.36.1). The issue enables command execution via the substring gix clone 'ssh://-oProxyCommand=open$IFS', i.e., an SSH command injection. Impact details in sources indicate local attack vector with low confidentiality/integrity impact an...

4.1CVSS7.3AI score0.00171EPSS
Exploits0References4
OSV
OSV
added 2025/07/27 10:15 p.m.2 views

DEBIAN-CVE-2024-58266

The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the and \xa0 characters, which may facilitate command injection...

9.8CVSS5.3AI score0.0078EPSS
Exploits0References1
OSV
OSV
added 2025/07/27 9:32 p.m.4 views

GHSA-P444-P2RM-HVRW Duplicate Advisory: transpose: Buffer overflow due to integer overflow

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-5gmm-6m36-r7jh. This link is maintained to preserve external references. Original Description The transpose crate before 0.2.3 for Rust allows an integer overflow via inputwidth and inputheight arguments...

4.5CVSS6.5AI score0.00291EPSS
Exploits0References6
Rows per page
Query Builder