9529 matches found

CNNVD
added 2025/07/28 12:0 a.m. | 5 views

buffered-reader crate buffer error vulnerability

buffered-reader crate is an input stream reading library for Rust by sequoia individual developers. A buffer error vulnerability exists in buffered-reader crate versions prior to 1.1.5, which stems from out-of-bounds array accesses that may cause a crash...

5.3 CVSS | 6.6 AI score | 0.00332 EPSS
Exploits: 0 | References: 8
Vulnrichment
added 2025/07/28 12:0 a.m. | 2 views

CVE-2023-53161

The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds array access and a panic...

2.9 CVSS | 6.2 AI score | 0.00332 EPSS
Exploits: 0 | References: 6
CVE
added 2025/07/28 12:0 a.m. | 22 views

CVE-2022-50237

The CVE-2022-50237 entry concerns the ed25519-dalek Rust crate prior to version 2. The Keypair implementation enables a double public key signing function oracle attack, enabling an attacker to compute/extract a private key from signatures. Reported impact includes confidentiality loss; CVSSv3.1 ...

5.9 CVSS | 7.1 AI score | 0.00185 EPSS
Exploits: 0 | References: 3
CVE
added 2025/07/28 12:0 a.m. | 32 views

CVE-2023-53160

The CVE-2023-53160 vulnerability affects the sequoia-openpgp crate for Rust prior to 1.16.0, where an out-of-bounds array access can cause a panic. This is referenced in multiple advisories (e.g., RustSec advisory RUSTSEC-2023-0038) and Fedora/NASL entries. Affected versions: sequoia-openpgp befo...

5.3 CVSS | 7.2 AI score | 0.00274 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
CVE
added 2025/07/28 12:0 a.m. | 37 views

CVE-2023-53161

CVE-2023-53161 affects the Rust buffered-reader crate prior to version 1.1.5. The root cause described in the connected sources is an out-of-bounds array access that can cause a panic. The vulnerability is limited to the library level (buffered-reader) and is described as allowing an out-of-bound...

5.3 CVSS | 7.2 AI score | 0.00332 EPSS
Exploits: 0 | References: 6 | Affected Software: 1
Vulnrichment
added 2025/07/28 12:0 a.m. | 2 views

CVE-2023-53160

The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic...

2.9 CVSS | 6.2 AI score | 0.00274 EPSS
Exploits: 0 | References: 4
Cvelist
added 2025/07/28 12:0 a.m. | 7 views

CVE-2023-53161

The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds array access and a panic...

2.9 CVSS | 0.00332 EPSS
Exploits: 0 | References: 6
CVE
added 2025/07/28 12:0 a.m. | 45 views

CVE-2023-53159

The CVE-2023-53159 issue affects the rust-openssl crate prior to 0.10.55. It describes an out-of-bounds read caused by an empty string being passed to X509VerifyParamRef::set_host. The entry's CVSS data indicates a high-severity impact (CRITICAL) with network attack vector and high confidentialit...

9.1 CVSS | 7.1 AI score | 0.00329 EPSS
Exploits: 1 | References: 3 | Affected Software: 1
Vulnrichment
added 2025/07/28 12:0 a.m. | 4 views

CVE-2022-50237

The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key...

5.9 CVSS | 6.2 AI score | 0.00185 EPSS
Exploits: 0 | References: 3
Vulnrichment
added 2025/07/28 12:0 a.m. | 2 views

CVE-2023-53159

The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host...

4.5 CVSS | 6.1 AI score | 0.00329 EPSS
Exploits: 1 | References: 3
Cvelist
added 2025/07/28 12:0 a.m. | 8 views

CVE-2023-53160

The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic...

2.9 CVSS | 0.00274 EPSS
Exploits: 0 | References: 4
CVE
added 2025/07/28 12:0 a.m. | 18 views

CVE-2023-53158

CVE-2023-53158 affects the Rust crate gix-transport (before 0.36.1). The issue enables command execution via the substring gix clone 'ssh://-oProxyCommand=open$IFS', i.e., an SSH command injection. Impact details in sources indicate local attack vector with low confidentiality/integrity impact an...

4.1 CVSS | 7.3 AI score | 0.00171 EPSS
Exploits: 0 | References: 4
Vulnrichment
added 2025/07/28 12:0 a.m. | 3 views

CVE-2023-53158

The gix-transport crate before 0.36.1 for Rust allows command execution via the "gix clone 'ssh://-oProxyCommand=open$IFS" substring. NOTE: this was discovered before CVE-2024-32884, a similar vulnerability involving a username field that is more difficult to exploit...

4.1 CVSS | 6.4 AI score | 0.00171 EPSS
Exploits: 0 | References: 4
Cvelist
added 2025/07/28 12:0 a.m. | 7 views

CVE-2023-53159

The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host...

4.5 CVSS | 0.00329 EPSS
Exploits: 1 | References: 3
CNNVD
added 2025/07/28 12:0 a.m. | 5 views

rust-openssl security vulnerability

rust-openssl is a library from Rust for interacting with the OpenSSL library. A security vulnerability exists in rust-openssl versions prior to 0.10.55, which stems from an out-of-bounds read of X509VerifyParamRef::set_host...

9.1 CVSS | 6.3 AI score | 0.00329 EPSS
Exploits: 1 | References: 5
Cvelist
added 2025/07/28 12:0 a.m. | 9 views

CVE-2022-50237

The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key...

5.9 CVSS | 0.00185 EPSS
Exploits: 0 | References: 3
Debian CVE
added 2025/07/28 12:0 a.m. | 5 views

CVE-2023-53159

The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host...

9.1 CVSS | 5.2 AI score | 0.00329 EPSS
Exploits: 1
Debian CVE
added 2025/07/28 12:0 a.m. | 5 views

CVE-2023-53160

The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic...

5.3 CVSS | 5.2 AI score | 0.00274 EPSS
Exploits: 0
Debian CVE
added 2025/07/28 12:0 a.m. | 5 views

CVE-2023-53161

The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds array access and a panic...

5.3 CVSS | 5.2 AI score | 0.00332 EPSS
Exploits: 0
Debian CVE
added 2025/07/28 12:0 a.m. | 5 views

CVE-2022-50237

The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key...

5.9 CVSS | 5.2 AI score | 0.00185 EPSS
Exploits: 0