9532 matches found
CVE-2025-53605 affecting package rust for versions less than 1.75.0-17
CVE-2025-53605 affecting package rust for versions less than 1.75.0-17. A patched version of the package is available...
CVE-2025-53605 affecting package rust for versions less than 1.86.0-4
CVE-2025-53605 affecting package rust for versions less than 1.86.0-4. A patched version of the package is available...
BiliupApi (>=0.1.0 <=0.1.7), EZDB (>=0.1.13 <=0.1.15) +1444 more potentially affected by unknown CVE via adler (>=0.2.3 <=1.0.2)
adler CARGO version =0.2.3, =0.1.0, =0.1.13, =0.1.0, =0.6.0-beta.1, =0.6.0-beta.1, =0.6.0-beta.1, =0.1.5, =0.21.0-alpha.1, =0.0.1-dev.10, =0.4.0, =4.0.1-alpha.1, =0.2.0, =0.1.0, =0.2.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0056...
CVE-2025-58359 frost-core: refresh shares with smaller min_signers will reduce group security
ZF FROST is a Rust implementation of FROST Flexible Round-Optimised Schnorr Threshold signatures. In versions 2.0.0 through 2.1.0, refresh shares with smaller minsigners will reduce security of group. The inability to change minsigners i.e. the threshold with the refresh share functionality...
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input.
...
The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may facilitate command injection.
...
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c.
...
The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host.
...
Rust-openssl: rust-openssl use-after-free in `md::fetch` and `cipher::fetch`
...
CVE-2025-57611
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 Null pointer dereference vulnerability in the dump method allows an attacker to cause a denial of service. The vulnerability exists because the method fails to check the return value of avfiltergraphdump for NULL, leading to a crash...
CVE-2025-57615
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 An integer overflow vulnerability in the Vector::new constructor function allows an attacker to cause a denial of service via a null pointer dereference. The vulnerability stems from an unchecked cast of a usize parameter to cint,...
CVE-2025-57612
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 Null pointer dereference vulnerability in the name method allows an attacker to cause a denial of service. The vulnerability exists because the method fails to check for a NULL return value from the avgetsamplefmtname C function,...
Medium: rust
Issue Overview: There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above. CVE-2025-6965 Affected Packages: rust...
Amazon Linux 2 : rust, --advisory ALAS2-2025-2978 (ALAS-2025-2978)
The version of rust installed on the remote host is prior to 1.86.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2978 advisory. There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns...
rust openssl ssl::select_next_proto use after free
...
Fedora 44 : glycin / rust-ashpd / rust-ashpd0.11 / rust-glycin / etc (2025-bb172624a9)
The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-bb172624a9 advisory. Update glycin to version 2.0.rc. This update also includes a bunch of related Rust dependency updates for GNOME 49.rc. Additionally, CVE-2025-58160 is...
CVE-2025-57616
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 A use-after-free vulnerability in the writeinterleaved method allows an attacker to cause a denial of service or memory corruption. The method violates Rust's aliasing rules by modifying a data structure through a mutable pointer...
CVE-2025-57614
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 Integer overflow and invalid input vulnerability in the cached method allows an attacker to cause a denial of service or potentially execute arbitrary code. The vulnerability occurs when dimension parameters are zero or exceed...
CVE-2025-57615
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 An integer overflow vulnerability in the Vector::new constructor function allows an attacker to cause a denial of service via a null pointer dereference. The vulnerability stems from an unchecked cast of a usize parameter to cint,...
CVE-2025-57613
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 A null pointer dereference vulnerability in the input constructor function allows an attacker to cause a denial of service. The vulnerability is triggered when the avioalloccontext call fails and returns NULL, which is then stored a...