Lucene search

339 matches found

CVE
added 2025/07/28 12:0 a.m. | 38 views

CVE-2023-53161

CVE-2023-53161 affects the Rust buffered-reader crate prior to version 1.1.5. The root cause described in the connected sources is an out-of-bounds array access that can cause a panic. The vulnerability is limited to the library level (buffered-reader) and is described as allowing an out-of-bound...

CVSS 5.3 | AI score 7.2 | EPSS 0.00332
Exploits: 0 | References: 6 | Affected Software: 1

Vulnrichment
added 2025/07/28 12:0 a.m. | 4 views

CVE-2022-50237

The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key...

CVSS 5.9 | AI score 6.2 | EPSS 0.00183
Exploits: 0 | References: 3

CVE
added 2025/07/28 12:0 a.m. | 45 views

CVE-2023-53159

The CVE-2023-53159 issue affects the rust-openssl crate prior to 0.10.55. It describes an out-of-bounds read caused by an empty string being passed to X509VerifyParamRef::set_host. The entry's CVSS data indicates a high-severity impact (CRITICAL) with network attack vector and high confidentialit...

CVSS 9.1 | AI score 7.1 | EPSS 0.00329
Exploits: 1 | References: 3 | Affected Software: 1

Vulnrichment
added 2025/07/28 12:0 a.m. | 3 views

CVE-2023-53158

The gix-transport crate before 0.36.1 for Rust allows command execution via the "gix clone 'ssh://-oProxyCommand=open$IFS" substring. NOTE: this was discovered before CVE-2024-32884, a similar vulnerability involving a username field that is more difficult to exploit...

CVSS 4.1 | AI score 6.4 | EPSS 0.00171
Exploits: 0 | References: 4

Debian CVE
added 2025/07/28 12:0 a.m. | 6 views

CVE-2023-53159

The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host...

CVSS 9.1 | AI score 5.2 | EPSS 0.00329
Exploits: 1

Debian CVE
added 2025/07/28 12:0 a.m. | 6 views

CVE-2022-50237

The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key...

CVSS 5.9 | AI score 5.2 | EPSS 0.00183
Exploits: 0

NVD
added 2025/07/27 10:15 p.m. | 11 views

CVE-2024-58265

The snow crate before 0.9.5 for Rust, when stateful TransportState is used, allows incrementing a nonce and thereby denying message delivery...

CVSS 4.3 | EPSS 0.00387
Exploits: 0 | References: 3

OSV
added 2025/07/27 9:15 p.m. | 5 views

CVE-2024-58264

The serde-json-wasm crate before 1.0.1 for Rust allows stack consumption via deeply nested JSON data...

CVSS 7.5 | AI score 5.8 | EPSS 0.00362
Exploits: 0 | References: 3

NVD
added 2025/07/27 9:15 p.m. | 8 views

CVE-2024-58264

The serde-json-wasm crate before 1.0.1 for Rust allows stack consumption via deeply nested JSON data...

CVSS 7.5 | EPSS 0.00362
Exploits: 0 | References: 3

Cvelist
added 2025/07/27 12:0 a.m. | 10 views

CVE-2024-58265

The snow crate before 0.9.5 for Rust, when stateful TransportState is used, allows incrementing a nonce and thereby denying message delivery...

CVSS 3.1 | EPSS 0.00387
Exploits: 0 | References: 3

CVE
added 2025/07/27 12:0 a.m. | 20 views

CVE-2024-58263

CVE-2024-58263 concerns the cosmwasm-std crate prior to version 2.0.2 for Rust, which allows integer overflows that can lead to incorrect contract calculations. The vulnerability stems from wrapping arithmetic used in core operations, potentially causing miscalculations in smart contracts that re...

CVSS 5.3 | AI score 7.2 | EPSS 0.00418
Exploits: 1 | References: 3 | Affected Software: 1

Vulnrichment
added 2025/07/27 12:0 a.m. | 2 views

CVE-2024-58264

The serde-json-wasm crate before 1.0.1 for Rust allows stack consumption via deeply nested JSON data...

CVSS 3.2 | AI score 6.4 | EPSS 0.00362
Exploits: 0 | References: 3

Cvelist
added 2025/07/27 12:0 a.m. | 12 views

CVE-2024-58266

The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the and \xa0 characters, which may facilitate command injection...

CVSS 3.2 | EPSS 0.0078
Exploits: 0 | References: 3

Vulnrichment
added 2025/07/27 12:0 a.m. | 5 views

CVE-2023-53157

The rosenpass crate before 0.2.1 for Rust allows remote attackers to cause a denial of service panic via a one-byte UDP packet...

CVSS 5.3 | AI score 6.3 | EPSS 0.00507
Exploits: 0 | References: 4

CVE
added 2025/07/27 12:0 a.m. | 42 views

CVE-2024-58265

CVE-2024-58265 affects the Rust snow crate prior to 0.9.5 when using stateful TransportState. The vulnerability allows an attacker to increment a nonce, resulting in denial of message delivery. The provided documents confirm the vulnerable component (snow crate) and the specific condition (statef...

CVSS 4.3 | AI score 6.7 | EPSS 0.00387
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2025/07/27 12:0 a.m. | 10 views

CVE-2023-53157

The rosenpass crate before 0.2.1 for Rust allows remote attackers to cause a denial of service panic via a one-byte UDP packet...

CVSS 5.3 | EPSS 0.00507
Exploits: 0 | References: 4

Debian CVE
added 2025/07/27 12:0 a.m. | 5 views

CVE-2024-58266

The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the and \xa0 characters, which may facilitate command injection...

CVSS 9.8 | AI score 5.2 | EPSS 0.0078
Exploits: 0

Debian CVE
added 2025/07/27 12:0 a.m. | 6 views

CVE-2023-53156

The transpose crate before 0.2.3 for Rust allows an integer overflow via input_width and input_height arguments...

CVSS 5.3 | AI score 5.2 | EPSS 0.00291
Exploits: 0

Tenable Nessus
added 2025/07/25 12:0 a.m. | 5 views

NewStart CGSL MAIN 7.02 : rust Vulnerability (NS-SA-2025-0146)

The remote NewStart CGSL host, running version MAIN 7.02, has rust packages installed that are affected by a vulnerability: - Cargo downloads the Rust project's dependencies and compiles the project. Cargo prior to version 0.72.2, bundled with Rust prior to version 1.71.1, did not respect the uma...

CVSS 7.9 | AI score 7.1 | EPSS 0.00763
Exploits: 0 | References: 3

Tenable Nessus
added 2025/07/11 12:0 a.m. | 7 views

CBL Mariner 2.0 Security Update: azl-compliance / rust (CVE-2025-4574)

The version of azl-compliance / rust installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-4574 advisory. - In crossbeam-channel rust crate, the internal Channel type's Drop method has a race condition...

CVSS 6.5 | AI score 6.5 | EPSS 0.00465
Exploits: 0 | References: 2