9506 matches found
aoa (=0.1.0), blinkrs (=1.0.1) +30 more potentially affected by CVE-2020-36206 via rusb (>=0.4.0 <=0.6.5)
rusb CARGO version =0.4.0, =0.2.0, =0.6.0, =0.2.0, =0.1.0, =1.0.0-alpha.2, =0.1.0, =0.1.0, =0.4.0, =0.1.0, =0.1.0, =0.1.0, =0.2.3 and more Source cves: CVE-2020-36206 Source advisory: OSV:RUSTSEC-2020-0098...
honeycomb-tracing (=0.0.1) potentially affected by CVE-2020-36207 via aovec (=1.1.0)
aovec CARGO version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on aovec and may be impacted: - honeycomb-tracing =0.0.1 Source cves: CVE-2020-36207 Source advisory: OSV:RUSTSEC-2020-0099...
AsgoreCore (>=0.1.0 <=0.1.2), RustyBox (=0.1.0) +425 more potentially affected by CVE-2020-36205 via xcb (>=0.10.1 <=0.9.0)
xcb CARGO version =0.10.1, =0.1.0, =0.1.0, =0.4.0, =0.1.0, =1.0.9, =0.6.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.3.0 and more Source cves: CVE-2020-36205 Source advisory: OSV:RUSTSEC-2020-0097...
RUSTSEC-2020-0097 Soundness issue with base::Error
The base::Error type contains a public field named ptr. With this definition, it is possible to create a base::Error with an invalid pointer and trigger memory safety errors such as use-after-free or double-free with safe Rust. Users of the xcb crate are advised not to manipulate the field...
czkawka_gui_orbtk (>=1.0.1 <=1.5.1), orbtk (>=0.3.0 <=0.3.1-alpha-1) +4 more potentially affected by CVE-2020-36459 via dces (>=0.2.0 <=0.3.1)
dces CARGO version =0.2.0, =1.0.1, =0.3.0, =0.3.0-alpha1, =0.3.0-alpha1, =0.3.0-alpha1, =0.3.1-alpha4 Source cves: CVE-2020-36459 Source advisory: OSV:RUSTSEC-2020-0139...
async-metronome (=0.2.0), bach (>=0.0.1 <=0.0.2) +18 more potentially affected by CVE-2020-35926 via nanorand (=0.4.4)
nanorand CARGO version =0.4.4 is affected by a known vulnerability. The following packages have a transitive dependency on nanorand and may be impacted: - async-metronome =0.2.0 - bach =0.0.1, =0.8.6, =0.1.0, =0.1.0, =0.4.3, =0.1.0, =0.0.1, =0.1.3, =0.1.4 - rune-cli =0.7.0 and more Source cves:...
adi (>=0.4.0 <=0.6.0), adi_screen (>=0.3.0 <=0.7.0) +167 more potentially affected by CVE-2020-35923 via ordered-float (>=0.2.3 <=1.0.2)
ordered-float CARGO version =0.2.3, =0.4.0, =0.3.0, =0.7.5, =0.6.0, =0.1.0, =0.1.0, =0.1.1, =0.2.0, =3.1.3, =0.1.1, =0.9.0, =0.23.0 and more Source cves: CVE-2020-35923 Source advisory: OSV:RUSTSEC-2020-0082...
AitSar (=0.1.1), Boa (>=0.9.0 <=0.10.0) +1427 more potentially affected by unknown CVE via memmap (>=0.1.0 <=0.7.0)
memmap CARGO version =0.1.0, =0.9.0, =0.1.0, =0.1.23, =0.0.1, =0.1.1, =0.1.1, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.0.3 - aflakimgui-glium-renderer =0.18.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2020-0077...
CVE-2020-26235
In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires the user to set any environment variable in a different thread than the affected functions. The affected...
Design/Logic Flaw
In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires the user to set any environment variable in a different thread than the affected functions. The affected...
UBUNTU-CVE-2020-26235
In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires the user to set any environment variable in a different thread than the affected functions. The affected...
CVE-2020-26235
CVE-2020-26235 affects the Rust time crate: versions from 0.2.7 up to, but not including, 0.2.23 can segfault on Unix-like OSes when an environment variable is set from another thread, due to a dangling pointer dereference. Affected functions include time::UtcOffset::local_offset_at, try_local_offset_at, current...
CVE-2020-26235 Segmentation fault in Rust time crate
In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires the user to set any environment variable in a different thread than the affected functions. The affected...
Rust time crate code issue vulnerability
Rust is a general-purpose, compiled programming language. A security vulnerability exists in Rust time crate versions 0.2.7 through 0.2.23, which stems from the possibility that the unix operating system may experience a segmentation fault due to the dereferencing of a dangling pointer in a...
AskAI (=0.1.0), Boa (>=0.1.4 <=0.1.5) +7100 more potentially affected by CVE-2020-26235 via time (>=0.1.25 <=0.1.45)
time CARGO version =0.1.25, =0.1.4, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.1 - ablavema =0.4.2 - abra =0.0.1 and more Source cves: CVE-2020-26235 Source advisory: OSV:RUSTSEC-2020-0071...
canonical (>=0.4.1 <=0.5.3), canonical_collections (=0.4.0) +11 more potentially affected by CVE-2020-36469 via appendix (=0.2.2)
appendix CARGO version =0.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on appendix and may be impacted: - canonical =0.4.1, =0.4.0, =0.4.3, =0.4.0, =0.6.0, =0.1.0, =0.18.0, =0.11.0, =0.4.0, =0.6.0, =0.7.0 - rusk-abi =0.7.0 - rusk-vm =0.12.0-rc.0...