Lucene search

9532 matches found

Chainguard
added 2025/08/12 1:17 p.m., 6 views

CVE-2025-55159 vulnerabilities

Vulnerabilities for packages: jujutsu, linkerd-extension-init, uv, zola, linkerd2-proxy, buck2, mdbook, pixi, shadowsocks-rust, linkerd2, efs-utils...

5.1 CVSS, 5.8 AI score, 0.00156 EPSS
Exploits 0
Chainguard
added 2025/08/12 1:17 p.m., 3 views

GHSA-QX2V-8332-M4FV vulnerabilities

Vulnerabilities for packages: jujutsu, linkerd-extension-init, uv, zola, linkerd2-proxy, buck2, mdbook, pixi, shadowsocks-rust, linkerd2, efs-utils...

5.8 AI score
Exploits 0
Tenable Nessus
added 2025/08/12 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2024-47763

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash...

5.5 CVSS, 5.4 AI score, 0.00244 EPSS
Exploits 0, References 2
CNNVD
added 2025/08/11 12:0 a.m., 4 views

Slab buffer error vulnerability

Slab is a Rust application open-sourced by Tokio. A buffer error vulnerability exists in slab version 0.4.10, which stems from the get_disjoint_mut method incorrectly checking index ranges, which could lead to accessing uninitialized memory...

5.1 CVSS, 6.5 AI score, 0.00156 EPSS
Exploits 0, References 4
Tenable Nessus
added 2025/08/10 12:0 a.m., 9 views

Linux Distros Unpatched Vulnerability : CVE-2025-38033

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/Kconfig: make CFI_AUTO_DEFAULT depend on !RUST or Rust >= 1.88 Calling core::fmt::write from rust code while FineIBT is enabled results in a kernel panic:...

5.5 CVSS, 6.7 AI score, 0.00154 EPSS
Exploits 0, References 2
OSV
added 2025/08/08 12:0 a.m., 6 views

CVE-2025-54368 uv is vulnerable to ZIP payload obfuscation through parsing differentials

uv is a Python package and project manager written in Rust. In versions 0.8.5 and earlier, remote ZIP archives were handled in a streamwise fashion, and file entries were not reconciled against the archive's central directory. An attacker could contrive a ZIP archive that would extract with...

6.8 CVSS, 6.5 AI score, 0.00183 EPSS
Exploits 0, References 6
Amazon
added 2025/08/08 12:0 a.m., 7 views

Medium: rust

Issue Overview: The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input. CVE-2025-53605 Affected Packages: rust Issue Correction: Run dnf update rust --releasever...

5.9 CVSS, 6.9 AI score, 0.0038 EPSS
Exploits 0
CBLMariner
added 2025/08/07 9:14 p.m., 5 views

CVE-2023-53158 affecting package rust for versions less than 1.72.0-8

CVE-2023-53158 affecting package rust for versions less than 1.72.0-8. A patched version of the package is available...

4.1 CVSS, 6.4 AI score, 0.00171 EPSS
Exploits 0
CBLMariner
added 2025/08/06 3:8 p.m., 9 views

CVE-2024-58266 affecting package rust for versions less than 1.86.0-3

CVE-2024-58266 affecting package rust for versions less than 1.86.0-3. A patched version of the package is available...

9.8 CVSS, 6.4 AI score, 0.0078 EPSS
Exploits 0
vulnersOsv
added 2025/08/05 12:0 p.m., 3 views

AsgoreCore (>=0.1.0 <=0.1.2), RustyBox (=0.1.0) +425 more potentially affected by unknown CVE via xcb (>=0.10.1 <=1.2.2)

xcb CARGO version =0.10.1, =0.1.0, =0.1.0, =0.4.0, =0.1.0, =1.0.9, =0.6.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.3.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0051...

5.5 AI score
Exploits 0
NVD
added 2025/08/05 1:15 a.m., 13 views

CVE-2025-54804

Russh is a Rust SSH client & server library. In versions 0.54.0 and below, the channel window adjust message of the SSH protocol is used to track the free space in the receive buffer of the other side of a channel. The current implementation takes the value from the message and adds it to an...

6.5 CVSS, 0.00369 EPSS
Exploits 1, References 2
CVE
added 2025/08/05 12:5 a.m., 35 views

CVE-2025-54804

Russh is a Rust SSH client/server library. In versions ≤0.54.0, CHANNEL_WINDOW_ADJUST handling computes recipient_window_size from the decoded value without proper overflow checks, causing an integer overflow that can crash the server. The issue is fixed in version 0.54.1. Attacker impact is serv...

6.5 CVSS, 7 AI score, 0.00369 EPSS
Exploits 1, References 2, Affected Software 2
Vulnrichment
added 2025/08/05 12:5 a.m., 4 views

CVE-2025-54804 Russh is missing an overflow check during channel windows adjust

Russh is a Rust SSH client & server library. In versions 0.54.0 and below, the channel window adjust message of the SSH protocol is used to track the free space in the receive buffer of the other side of a channel. The current implementation takes the value from the message and adds it to an...

6.5 CVSS, 6.7 AI score, 0.00369 EPSS
Exploits 1, References 2
OSV
added 2025/08/05 12:5 a.m., 5 views

CVE-2025-54804 Russh is missing an overflow check during channel windows adjust

Russh is a Rust SSH client & server library. In versions 0.54.0 and below, the channel window adjust message of the SSH protocol is used to track the free space in the receive buffer of the other side of a channel. The current implementation takes the value from the message and adds it to an...

6.5 CVSS, 7.3 AI score, 0.00369 EPSS
Exploits 1, References 4
Debian CVE
added 2025/08/05 12:5 a.m., 5 views

CVE-2025-54804

Russh is a Rust SSH client & server library. In versions 0.54.0 and below, the channel window adjust message of the SSH protocol is used to track the free space in the receive buffer of the other side of a channel. The current implementation takes the value from the message and adds it to an...

6.5 CVSS, 5.9 AI score, 0.00369 EPSS
Exploits 1
Tenable Nessus
added 2025/07/31 12:0 a.m., 6 views

Amazon Linux 2 : rust (ALAS-2025-2933)

The version of rust installed on the remote host is prior to 1.86.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2933 advisory. The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group...

5.9 CVSS, 5.5 AI score, 0.0038 EPSS
Exploits 0, References 4
The Hacker News
added 2025/07/30 4:11 p.m., 5 views

FunkSec Ransomware Decryptor Released Free to Public After Group Goes Dormant

Cybersecurity experts have released a decryptor for a ransomware strain called FunkSec, allowing victims to recover access to their files for free. "Because the ransomware is now considered dead, we released the decryptor for public download," Gen Digital researcher Ladislav Zezula said. FunkSec,...

6.6 AI score
Exploits 0
Amazon
added 2025/07/30 12:0 a.m., 7 views

Medium: rust

Issue Overview: The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input. CVE-2025-53605 Affected Packages: rust Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

5.9 CVSS, 7 AI score, 0.0038 EPSS
Exploits 0
RustSec
added 2025/07/29 12:0 p.m., 7 views

tsify-next is unmaintained, use tsify instead

The tsify-next crate is not maintained any more; use tsify instead...

7.1 AI score
Exploits 0
OSV
added 2025/07/29 12:0 p.m., 7 views

RUSTSEC-2025-0048 tsify-next is unmaintained, use tsify instead

The tsify-next crate is not maintained any more; use tsify instead...

7.1 AI score
Exploits 0, References 4