Rustpad - Multi-Threaded Padding Oracle Attacks Against Any Service

A multi-threaded what now? rustpad is a multi-threaded successor to the classic padbuster, written in Rust. It abuses a Padding Oracle vulnerability to decrypt any cypher text or encrypt arbitrary plain text without knowing the encryption key! Features Decryption of cypher texts Encryption of...

CreateProcessW (>=0.1.0 <=0.1.2), UWUWUW (>=0.13.2 <=0.13.4) +186 more potentially affected by unknown CVE via windows (>=0.20.1 <=0.30.0)

windows CARGO version =0.20.1, =0.1.0, =0.13.2, =0.1.0, =1.0.0, =1.0.0, =1.8.0, =0.0.6, =0.0.4, =0.1.0, =0.1.0, =0.4.0, =0.4.1 - btleplug =0.9.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0008...

RUSTSEC-2022-0004 Stack overflow in rustc_serialize when parsing deeply nested JSON

When parsing JSON using json::Json::fromstr, there is no limit to the depth of the stack, therefore deeply nested objects can cause a stack overflow, which aborts the process. Example code that triggers the vulnerability is rust fn main let = rustcserialize::json::Json::fromstr&"0,".repeat10000;...

Exploit for Improper Input Validation in Apache Log4J

Log4j Scanner Discover Log4Shell vulnerability CVE-2021-4483...

Mozilla Rust Memory Corruption Vulnerability (CNVD-2022-04516)

Rust, a general-purpose, compiled programming language from the Mozilla Foundation, has a security vulnerability in versions prior to Rust metrics-util crate 0.7.0 that can be exploited by attackers to cause memory corruption...

Rust ash crate has an unspecified vulnerability

Rust ash crate is a very lightweight Vulkan wrapper. a security vulnerability exists in versions of Rust ash crate prior to 0.33.1, which stems from the fact that util::readspv can read data from an uninitialized memory location. No details of the vulnerability are currently available...

Rust rusqlite crate memory corruption vulnerability (CNVD-2022-04007)

Rust rusqlite crate is an ergonomic wrapper for using SQLite from Rust. it attempts to expose a rust-postgres-like interface. versions 0.25.x prior to 0.25.4 and 0.26.x prior to 0.26.2 of Rust rusqlite crate are vulnerable to security vulnerability, which stems from a resource management error in...

Mozilla Rust has an unspecified vulnerability (CNVD-2022-03127)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation.A security vulnerability exists in versions of Rust tectonicxdv crate prior to 0.1.12, which stems from XdvParser::::process can read data from uninitialized memory locations. No detailed vulnerability details ar...

Mozilla Rust has an unspecified vulnerability (CNVD-2022-03128)

Rust, a general-purpose, compiled programming language from the Mozilla Foundation, has a security vulnerability in versions prior to Rust zeroizederive crate 1.1.1, which stems from the fact that deleted memory is not set to zero. No details of the vulnerability are currently available...

Mozilla Rust has an unspecified vulnerability (CNVD-2022-03124)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. version 0.9.7 before Rust sha2 crate 0.9.8 contains a security vulnerability in which the hash of a long message may be incorrect when the AVX2-accelerated backend is used. No details of the vulnerability are...

Mozilla Rust has an unspecified vulnerability (CNVD-2022-03123)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. a security vulnerability exists in versions of Rust prior to ckb crate 0.40.0, which stems from a failed getblocktemplate RPC call. No details of the vulnerability are currently available...

Mozilla Rust has an unspecified vulnerability (CNVD-2022-03130)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. version 0.6.0 before Rust simpleasn1 crate 0.6.1 contains a security vulnerability that can be triggered if a remote attacker exploits the vulnerability to provide UTCTime data with a second character larger tha...

Mozilla Rust has an unspecified vulnerability (CNVD-2022-03126)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. security vulnerabilities exist in versions of Rust tremor-script crate prior to 0.11.6, which can lead to resource management errors. No details of the vulnerability are currently available...

Mozilla Rust actix-web crate memory corruption vulnerability

Rust actix-web crate is a Rust web framework. security vulnerability exists in Mozilla Rust actix-web crate versions prior to 0.7.15, which can be exploited by attackers to cause memory corruption...

Mozilla Rust has an unspecified vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. a security vulnerability exists in versions of Rust smallvec crate prior to 0.6.13, which stems from the fact that it can create uninitialized values of any type, including reference types. No details of the...

Mozilla Rust actix-web crate memory corruption vulnerability

Rust actix-web crate is a Rust web framework. a security vulnerability exists in versions of Rust actix-web crate prior to 0.7.15, which stems from the fact that it can unreasonably prolong the life cycle of a string, which can be exploited by an attacker to cause memory corruption...

Unspecified vulnerability exists in Rust acc_reader crate (CNVD-2022-04013)

Rust accreader crate is a structure that provides an AccReader that wraps an arbitrary instance of std::io::Read and provides an implementation of std::io::Seek for it. Readupto can read data from an uninitialized memory location. No details of the vulnerability are currently available...

Mozilla Rust actix-web crate memory corruption vulnerability

Rust actix-web crate is a Rust web framework. mozilla Rust actix-web crate memory corruption vulnerability can be exploited by attackers to cause memory corruption...

Mozilla Rust libpulse-binding crate memory corruption vulnerability

Rust libpulse-binding crate is a repository containing sys FFI and binding libraries crates for connecting to PulseAudio PA from the Rust programming language.Mozilla Rust libpulse-binding crate memory corruption vulnerability, which stems from a security flaw in A security vulnerability exists i...

Rust rusqlite crate memory corruption vulnerability (CNVD-2022-04011)

Rust rusqlite crate is an ergonomic wrapper for using SQLite from Rust. it attempts to expose a rust-postgres-like interface. versions 0.25.x prior to 0.25.4 and 0.26.x prior to 0.26.2 of Rust rusqlite crate are vulnerable to security vulnerability, which stems from a resource management error in...