CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9526 matches found

Fedora•added 2022/08/15 1:11 a.m.•36 views

[SECURITY] Fedora 36 Update: rust-ffsend-0.2.76-2.fc36

Easily and securely share files from the command line. A fully featured Send client...

7.5CVSS1.6AI score0.01454EPSS

Exploits0

vulnersOsv•added 2022/08/12 3:31 p.m.•2 views

abci-storage (=0.0.3), arcon_backend (>=0.1.0 <=0.1.1) +144 more potentially affected by unknown CVE via rocksdb (>=0.10.1 <=0.18.0)

rocksdb CARGO version =0.10.1, =0.1.0, =0.2.0, =0.2.0, =0.1.1, =1.2.0, =0.6.0, =6.0.0, =0.1.1, =0.1.0, =0.1.0, =0.2.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-XPP3-XRFF-W6RH...

5.8AI score

Exploits0

OSSF Malicious Packages•added 2022/08/11 3:43 p.m.•4 views

Malicious code in rustdecimal (crates.io)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2e33f42f05c60c6d9f9297bae15a43d6c445e2ad0fd67fa4ef144e5cc79d09c7 The Rust Security Response WG and the crates.io team were notified1 on 2022-05-02 of the existence of the malicious crate rustdecimal, which contained...

7AI score

Exploits0References5

CNVD•added 2022/08/11 12:0 a.m.•24 views

Apache Avro Denial of Service Vulnerability

Apache Avro is a data serialization system from the Apache Foundation, Inc. A denial of service vulnerability exists in versions of Apache Avro Rust prior to 0.14.0, which stems from an integer overflow when reading corrupted .avro files in the Avro Rust SDK, and can be exploited by an attacker t...

7.5CVSS5.5AI score0.01353EPSS

Exploits0References1

OSV•added 2022/08/10 5:26 p.m.•3 views

GHSA-9QXH-258V-666C owning_ref vulnerable to multiple soundness issues

OwningRef::mapwithowner is unsound and may result in a use-after-free. - OwningRef::map is unsound and may result in a use-after-free. - OwningRefMut::asowner and OwningRefMut::asownermut are unsound and may result in a use-after-free. - The crate violates Rust's aliasing rules, which may cause...

5.8AI score

Exploits0References3

OSV•added 2022/08/10 12:0 a.m.•20 views

GHSA-WCM8-86X6-8MV3 Apache Avro Rust SDK's Reader could consume memory beyond allowed constraints

It is possible for a Reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 previously known as avro-rs. Users should update to apache-avro version 0.14.0 which addresses...

7.5CVSS7.5AI score0.01276EPSS

Exploits0References4

OSV•added 2022/08/10 12:0 a.m.•27 views

GHSA-V456-CHPW-6MMW Apache Avro Rust SDK vulnerable to reader looping in cycle endlessly, consuming CPU

It is possible to provide data to be read that leads the reader to loop in cycles endlessly, consuming CPU. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 previously known as avro-rs. Users should update to apache-avro version 0.14.0 which addresses this issue...

7.5CVSS7.4AI score0.01552EPSS

Exploits0References3

Github Security Blog•added 2022/08/10 12:0 a.m.•27 views

Apache Avro Rust SDK corrupted data read can cause crash

It is possible to crash panic an application by providing a corrupted data to be read. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 previously known as avro-rs. Users should update to apache-avro version 0.14.0 which addresses this issue...

7.5CVSS7.2AI score0.01353EPSS

Exploits0References3Affected Software1

Github Security Blog•added 2022/08/10 12:0 a.m.•33 views

Apache Avro Rust SDK's Reader could consume memory beyond allowed constraints

7.5CVSS7.3AI score0.01276EPSS

Exploits0References4Affected Software1

Github Security Blog•added 2022/08/10 12:0 a.m.•22 views

Apache Avro Rust SDK vulnerable to reader looping in cycle endlessly, consuming CPU

7.5CVSS7.2AI score0.01552EPSS

Exploits0References3Affected Software1