Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in PartialReader in the uuod crate for Rust versions prior to 0.0.4, which can be exploited by an attacker to read the contents of an uninitialized memory location via a...

af-core (>=0.1.0 <=0.1.8), af-lib (=0.1.1) +51 more potentially affected by CVE-2021-1000007 +1 more via parse_duration (>=1.0.3 <=2.1.1)

parseduration CARGO version =1.0.3, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.6.2, =0.6.2, =0.6.2, =0.1.0, =0.1.0, =0.3.12, =0.1.0, =0.1.0, =0.3.0 and more Source cves: CVE-2021-1000007, CVE-2021-29932 Source advisory: OSV:RUSTSEC-2021-0041...

Convuster: macOS adware now in Rust

Introduction Traditionally, most malicious objects detected on the macOS platform are adware: besides the already familiar Shlayer family, the TOP 10 includes Bnodlero, Cimpli, Adload and Pirrit adware. As a rule, most tend to be written in C, Objective-C or Swift. Recently, however, cybercrimina...

HTTP Bridge - Send TCP Stream Packets Over Simple HTTP Request

I've wrote this program as a proof of concept to test the idea of be able to send tcp stream packets over simple http request like PUT, PATCH, POST, GET, without use a proxy way like CONNECT method. Also as a practice exercise to train my novice skill on rust language. Description These tool is...

CVE-2021-28308

An issue was discovered in the fltk crate before 0.15.3 for Rust. There is an out-of bounds read because the pixmap constructor lacks pixmap input validation...

CVE-2021-28307

An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a non-raster image for a window icon...

CVE-2021-28305

An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3columnname are not followed...

CVE-2021-28306

An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a multi label type if the image is nonexistent...

DEBIAN-CVE-2021-28305

An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3columnname are not followed...

CVE-2021-28306

An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a multi label type if the image is nonexistent...

CVE-2021-28305

An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3columnname are not followed...

Null pointer dereference

An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a non-raster image for a window icon...

Null pointer dereference

An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a multi label type if the image is nonexistent...

Design/Logic Flaw

An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3columnname are not followed...

CVE-2021-28305

An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3columnname are not followed...

CVE-2021-28305

CVE-2021-28305 affects the diesel crate prior to 1.4.6 for Rust. The SQLite backend has a use-after-free due to not following sqlite3_column_name semantics. This is documented across Red Hat, OSV/GHSA entries, but the exact patch version isn’t specified here; no exploit vectors are provided. Moni...

CVE-2021-28305

An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3columnname are not followed...

CVE-2021-28306

CVE-2021-28306 affects the Rust fltk crate (before 0.15.3). The issue is a NULL pointer dereference when using a multi-label type if the image is nonexistent (also mapped to an out-of-bounds read in related advisories). The root cause is dereferencing a null/invalid image reference, potentially l...

CVE-2021-28307

CVE-2021-28307 affects the Rust crate fltk before version 0.15.3 . The issue is a NULL pointer dereference during attempted use of a non-raster image for a window icon. Multiple connected advisories (Red Hat, OSV, GHSA) reiterate this flaw; no patch/version remediation details are provided in the...

CVE-2021-28307

An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a non-raster image for a window icon...