Window may read from uninitialized memory locations in rdiff

An issue was discovered in the rdiff crate through version 0.1.2 for Rust. Window may read from uninitialized memory locations...

GHSA-2RXC-8F9W-FJQ8 Window may read from uninitialized memory locations in rdiff

An issue was discovered in the rdiff crate through version 0.1.2 for Rust. Window may read from uninitialized memory locations...

GHSA-W428-F65R-H4Q2 Deserialization of Untrusted Data in rust-cpuid

An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used which is not the the default, a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic...

GHSA-64WV-8VWP-XGW2 Use of Uninitialized Resource in ash.

An issue was discovered in the ash crate before 0.33.1 for Rust. util::readspv may read from uninitialized memory locations...

LemoGUI (=0.0.1-nightly), a2d (>=0.1.0 <=0.1.11) +277 more potentially affected by CVE-2021-45688 via ash (>=0.24.4 <=0.32.1)

ash CARGO version =0.24.4, =0.1.0, =0.1.0, =0.0.1, =0.1.2, =0.1.0, =0.1.0, =0.5.4, =0.2.0, =0.1.0, =0.3.0 - amethyst-navigation =0.1.0 and more Source cves: CVE-2021-45688 Source advisory: OSV:GHSA-64WV-8VWP-XGW2...

Use of Uninitialized Resource in messagepack-rs

An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserializestring may read from uninitialized memory locations...

Use of Uninitialized Resource in messagepack-rs.

An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserializeextensionothers may read from uninitialized memory locations...

GHSA-HR52-F9VP-582C Use of Uninitialized Resource in messagepack-rs.

An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserializeextensionothers may read from uninitialized memory locations...

Use of Uninitialized Resource in messagepack-rs.

An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserializebinary may read from uninitialized memory locations...

Incorrect reliance on Trait memory layout in mopa

The mopa crate redefines the deprecated TraitObject struct from core::raw. This is done to then transmute a reference to a trait object &dyn Trait for any trait Trait into this struct and retrieve the data field for the purpose of downcasting. This is used to implement downcastrefunchecked, in...

RPC call failure in ckb

An issue was discovered in the ckb crate before 0.40.0 for Rust. A getblocktemplate RPC call may fail in situations where it is supposed to select a Nervos CKB blockchain transaction with a higher fee rate than another transaction...

Use After Free in tremor-script

An issue was discovered in the tremor-script crate before 0.11.6 for Rust. A patch operation may result in a use-after-free...

GHSA-Q2X5-6Q7Q-R872 Use After Free in tremor-script

An issue was discovered in the tremor-script crate before 0.11.6 for Rust. A patch operation may result in a use-after-free...

Denial of Service in ckb

An issue was discovered in the ckb crate before 0.40.0 for Rust. Attackers can cause a denial of service Nervos CKB blockchain node crash via a dead call that is used as a DepGroup...

GHSA-CW98-CX2M-9QQG Denial of Service in ckb

An issue was discovered in the ckb crate before 0.40.0 for Rust. Attackers can cause a denial of service Nervos CKB blockchain node crash via a dead call that is used as a DepGroup...

Allocation of Resources Without Limits or Throttling in ckb

An issue was discovered in the ckb crate before 0.40.0 for Rust. Remote attackers may be able to conduct a 51% attack against the Nervos CKB blockchain by triggering an inability to allocate memory for the misbehavior HashMap...

GHSA-2969-8HH9-57JC Allocation of Resources Without Limits or Throttling in ckb

An issue was discovered in the ckb crate before 0.40.0 for Rust. Remote attackers may be able to conduct a 51% attack against the Nervos CKB blockchain by triggering an inability to allocate memory for the misbehavior HashMap...

Use After Free in tremor-script

An issue was discovered in the tremor-script crate before 0.11.6 for Rust. A merge operation may result in a use-after-free...

GHSA-9QVW-46GF-4FV8 Use After Free in tremor-script

An issue was discovered in the tremor-script crate before 0.11.6 for Rust. A merge operation may result in a use-after-free...

GHSA-R57R-J98G-587F Pointer dereference in nanorand

An issue was discovered in the nanorand crate before 0.6.1 for Rust. There can be multiple mutable references to the same object because the TlsWyRand Deref implementation dereferences a raw pointer...