Lucene search
K

9529 matches found

Cvelist
Cvelist
added 2025/07/27 12:0 a.m.9 views

CVE-2023-53156

The transpose crate before 0.2.3 for Rust allows an integer overflow via inputwidth and inputheight arguments...

4.5CVSS0.00291EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/07/27 12:0 a.m.5 views

CVE-2023-53156

The transpose crate before 0.2.3 for Rust allows an integer overflow via inputwidth and inputheight arguments...

4.5CVSS6.7AI score0.00291EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/07/27 12:0 a.m.7 views

CVE-2024-58264

The serde-json-wasm crate before 1.0.1 for Rust allows stack consumption via deeply nested JSON data...

3.2CVSS0.00362EPSS
Exploits0References3
CVE
CVE
added 2025/07/27 12:0 a.m.22 views

CVE-2024-58264

The CVE-2024-58264 entry concerns the Rust crate serde-json-wasm prior to 1.0.1, where deeply nested JSON data can cause stack consumption/overflow. Reported impacts include potential denial of service via stack exhaustion; some sources describe the issue as a stack overflow during recursive JSON...

7.5CVSS7.2AI score0.00362EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/27 12:0 a.m.2 views

CVE-2024-58264

The serde-json-wasm crate before 1.0.1 for Rust allows stack consumption via deeply nested JSON data...

3.2CVSS6.4AI score0.00362EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/27 12:0 a.m.9 views

CVE-2024-58265

The snow crate before 0.9.5 for Rust, when stateful TransportState is used, allows incrementing a nonce and thereby denying message delivery...

3.1CVSS0.00387EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/07/27 12:0 a.m.3 views

CVE-2024-58261

The sequoia-openpgp crate 1.13.0 before 1.21.0 for Rust allows an infinite loop of "Reading a cert: Invalid operation: Not a Key packet" messages for RawCertParser operations that encounter an unsupported primary key type...

2.9CVSS6.3AI score0.00361EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/07/27 12:0 a.m.7 views

CVE-2024-58263

The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations...

3.7CVSS0.00418EPSS
Exploits1References3
CVE
CVE
added 2025/07/27 12:0 a.m.19 views

CVE-2024-58263

CVE-2024-58263 concerns the cosmwasm-std crate prior to version 2.0.2 for Rust, which allows integer overflows that can lead to incorrect contract calculations. The vulnerability stems from wrapping arithmetic used in core operations, potentially causing miscalculations in smart contracts that re...

5.3CVSS7.2AI score0.00418EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/27 12:0 a.m.3 views

CVE-2024-58263

The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations...

3.7CVSS6.3AI score0.00418EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/07/27 12:0 a.m.3 views

snow crate 安全漏洞

snow crate is a Rust implementation of the Noise Protocol Framework by the individual developer Jake McGinty. A security vulnerability exists in snow crate versions prior to 0.9.5, which stems from the use of stateful TransportState that can lead to message delivery rejection...

4.3CVSS6.3AI score0.00387EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/07/27 12:0 a.m.9 views

CVE-2024-58262

The curve25519-dalek crate before 4.1.3 for Rust has a constant-time operation on elliptic curve scalars that is removed by LLVM...

2.9CVSS0.00152EPSS
Exploits0References3
CVE
CVE
added 2025/07/27 12:0 a.m.21 views

CVE-2023-53157

CVE-2023-53157 affects the Rosenpass crate for Rust; versions before 0.2.1 are vulnerable. A crafted single-byte UDP packet can trigger a panic, enabling remote attackers to cause a denial of service. The available connected and primary sources consistently describe this behavior and impact as a ...

7.5CVSS7.2AI score0.00507EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/27 12:0 a.m.5 views

CVE-2023-53157

The rosenpass crate before 0.2.1 for Rust allows remote attackers to cause a denial of service panic via a one-byte UDP packet...

5.3CVSS6.3AI score0.00507EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/07/27 12:0 a.m.4 views

curve25519-dalek crate 安全漏洞

curve25519-dalek crate is a Rust library from dalek cryptography open source. A security vulnerability exists in curve25519-dalek crate versions prior to 4.1.3, which stems from the possibility of disclosing private keys and other secrets...

5.1CVSS6.4AI score0.00152EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/07/27 12:0 a.m.3 views

CVE-2024-58262

The curve25519-dalek crate before 4.1.3 for Rust has a constant-time operation on elliptic curve scalars that is removed by LLVM...

2.9CVSS6.3AI score0.00152EPSS
Exploits0References3
CVE
CVE
added 2025/07/27 12:0 a.m.45 views

CVE-2024-58262

The CVE-2024-58262 issue affects the curve25519-dalek Rust crate prior to version 4.1.3, where a constant-time operation on elliptic curve scalars is removed by LLVM. This timing-related behavior can impact confidentiality and is classified with a MEDIUM severity (NVD CVSS 3.1: 5.1). Public refer...

5.1CVSS6.7AI score0.00152EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/27 12:0 a.m.5 views

CVE-2024-58266

The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the and \xa0 characters, which may facilitate command injection...

3.2CVSS6.8AI score0.0078EPSS
Exploits0References3
CVE
CVE
added 2025/07/27 12:0 a.m.46 views

CVE-2024-58266

The CVE-2024-58266 entry concerns the shlex crate for Rust, affected in versions before 1.2.1. The root cause is that unquoted and unescaped instances of the characters { and �a0 may be processed in command arguments, potentially enabling command injection. Impact is described as high in network-...

9.8CVSS7.2AI score0.0078EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/07/27 12:0 a.m.12 views

CVE-2024-58266

The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the and \xa0 characters, which may facilitate command injection...

3.2CVSS0.0078EPSS
Exploits0References3
Rows per page
Query Builder