
9500 matches found

BDU FSTEC
added 2020/04/23 12:0 a.m. | views: 1

The vulnerability of the “Error::type_id” method in the Rust programming language allows a perpetrator to execute arbitrary code.

The vulnerability of the “Error::type_id” method in the Rust programming language is related to improper restrictions on operations within memory buffers. Exploiting this vulnerability allows an attacker to execute arbitrary code...

CVSS 5.6 | AI score 7.5 | EPSS 0.00977
Exploits: 1 | References: 18 | Affected Software: 7

BDU FSTEC
added 2020/04/23 12:0 a.m. | views: 1

The vulnerability of the Rust programming language plugin rustdoc, which allows a hacker to execute arbitrary code

The vulnerability of the Rust programming language plugin rustdoc is related to an uncontrolled element in the search process. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 6.8 | AI score 6.9 | EPSS 0.01775
Exploits: 0 | References: 11 | Affected Software: 7

vulnersOsv
added 2020/04/18 12:0 p.m. | views: 2

AitSar (=0.1.1), SadieFish (=0.1.1) +621 more potentially affected by unknown CVE via stb_truetype (>=0.1.2 <=0.3.1)

stb_truetype CARGO version =0.1.2, =0.1.0, =0.1.0, =0.0.1, =0.1.1, =0.1.1, =0.1.0, =0.4.0, =0.3.0, =0.1.0, =0.3.0 - airkit =0.1.0 - airsim =0.2.0 - alacritty =0.5.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2020-0020...

AI score 5.8
Exploits: 0

GithubExploit
added 2020/04/12 7:4 a.m. | views: 5

dalfox

Looking for the Go v2.x version? Dalfox v3 is a complete...

AI score 5.9
Exploits: 0

vulnersOsv
added 2020/04/11 12:0 p.m. | views: 1

abd-clam (>=0.10.0-dev0 <=0.12.1), alopex-dataframe (=0.2.0) +354 more potentially affected by CVE-2020-35864 via flatbuffers (>=0.4.0 <=25.12.19)

flatbuffers CARGO version =0.4.0, =0.10.0-dev0, =0.3.0, =0.6.0, =0.6.0, =0.14.0, =0.3.0, =28.0.0, =58.0.0 and more Source cves: CVE-2020-35864 Source advisory: OSV:RUSTSEC-2020-0009...

CVSS 7.5 | AI score 7.2 | EPSS 0.00166
Exploits: 1

GithubExploit
added 2020/04/07 10:35 p.m. | views: 3

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796 LPE CVE-2020-0796 SMBGhost LPE Usage Ins...

CVSS 10 | AI score 6.9 | EPSS 0.94424
Exploits: 124

RedhatCVE
added 2020/04/07 9:5 p.m. | views: 28

CVE-2018-1000622

The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 contains a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a different user. This attack appears to be exploitable via using the --plugin flag without the...

CVSS 7.8 | AI score 4.9 | EPSS 0.00801
Exploits: 0 | References: 2

RedhatCVE
added 2020/04/04 5:27 p.m. | views: 50

CVE-2019-13224

A use-after-free in onig_new_deluxe in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte...

CVSS 9.8 | AI score 5.5 | EPSS 0.00537
Exploits: 0 | References: 3

GithubExploit
added 2020/03/30 8:54 a.m. | views: 95

Exploit for Path Traversal in Nazgul Nostromo_Nhttpd

CVE-2019-16278 !Rusthttps://github.com/keshiba/cve-2019-16...

CVSS 9.8 | AI score 9.8 | EPSS 0.94393
Exploits: 24

vulnersOsv
added 2020/03/24 12:0 p.m. | views: 1

ABC_Game_Engine (>=0.1.0 <=0.1.2), AskAI (=0.1.0) +42058 more potentially affected by CVE-2020-35861 via bumpalo (>=3.14.0 <=3.20.3)

bumpalo CARGO version =3.14.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.6, =0.0.0, =0.1.2, =0.0.0, =0.1.0-beta.1, =0.0.8, =0.1.15 and more Source cves: CVE-2020-35861 Source advisory: OSV:RUSTSEC-2020-0006...

CVSS 7.5 | AI score 7.2 | EPSS 0.00285
Exploits: 1

vulnersOsv
added 2020/03/19 12:0 p.m. | views: 3

llvm-alt (>=0.3.2 <=0.5.0), llvm-rs (>=0.1.0 <=0.2.1) potentially affected by CVE-2020-35860 via cbox (=0.3.0)

cbox CARGO version =0.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on cbox and may be impacted: - llvm-alt =0.3.2, =0.1.0, =0.2.1 Source cves: CVE-2020-35860 Source advisory: OSV:RUSTSEC-2020-0005...

CVSS 9.8 | AI score 7.2 | EPSS 0.00372
Exploits: 1

vulnersOsv
added 2020/03/19 12:0 p.m. | views: 1

algorithmia (=3.0.0-beta), approveapi (=0.1.0) +164 more potentially affected by CVE-2020-35863 via hyper (>=0.11.27 <=0.12.19)

hyper CARGO version =0.11.27, =0.1.0, =0.2.0, =1.5.0, =0.4.2, =0.1.0, =0.1.0, =0.37.0, =0.39.2 and more Source cves: CVE-2020-35863 Source advisory: OSV:RUSTSEC-2020-0008...

CVSS 9.8 | AI score 7.2 | EPSS 0.02006
Exploits: 0

vulnersOsv
added 2020/02/11 12:0 p.m. | views: 2

annatar (>=0.4.3 <=0.5.8), ansi2png-rs (>=0.1.0 <=0.1.1) +82 more potentially affected by CVE-2020-35879 via rulinalg (=0.4.2)

rulinalg CARGO version =0.4.2 is affected by a known vulnerability. The following packages have a transitive dependency on rulinalg and may be impacted: - annatar =0.4.3, =0.1.0, =0.2.9, =14.1.0, =0.1.5, =0.1.0, =0.1.0, =0.4.0, =1.0.0, =0.3.2, =0.1.0, =0.1.3 - electro =0.9.3 and more Source cves:...

CVSS 9.8 | AI score 7.2 | EPSS 0.00433
Exploits: 1

vulnersOsv
added 2020/02/11 12:0 p.m. | views: 1

annatar (>=0.4.3 <=0.5.8), ansi2png-rs (>=0.1.0 <=0.1.1) +95 more potentially affected by unknown CVE via rulinalg (>=0.1.0 <=0.4.2)

rulinalg CARGO version =0.1.0, =0.4.3, =0.1.0, =0.2.9, =14.1.0, =0.1.5, =0.1.0, =0.1.0, =0.4.0, =1.0.0, =0.3.2, =0.3.3 - dali =0.3.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2020-0147...

AI score 5.8
Exploits: 0

RustSec
added 2020/02/11 12:0 p.m. | views: 21

Lifetime boundary for `raw_slice` and `raw_slice_mut` are incorrect

The affected version of rulinalg has incorrect lifetime boundary definitions for RowMut::raw_slice and RowMut::raw_slice_mut. They do not conform with Rust's borrowing rule and allow the user to create multiple mutable references to the same location. This may result in unexpected calculation resul...

CVSS 9.8 | AI score 3.5 | EPSS 0.00433
Exploits: 1 | Affected Software: 1

vulnersOsv
added 2020/02/10 12:0 p.m. | views: 1

aiowrap (=0.1.0), ambisonic (>=0.1.0 <=0.3.1) +157 more potentially affected by unknown CVE via slice-deque (>=0.1.16 <=0.3.0)

slice-deque CARGO version =0.1.16, =0.1.0, =0.8.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.8.0, =0.3.0, =0.3.0, =0.4.0, =0.8.0, =0.15.3 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2020-0158...

AI score 5.8
Exploits: 0

vulnersOsv
added 2020/02/10 12:0 p.m. | views: 2

HiddenBytes (=0.1.0), Rust-wasm (=0.1.0) +745 more potentially affected by unknown CVE via lzw (=0.10.0)

lzw CARGO version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on lzw and may be impacted: - HiddenBytes =0.1.0 - Rust-wasm =0.1.0 - aart =0.1.0, =0.1.0, =0.0.3, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.8.0, =0.15.3 - amethyst-console =0.1.0 -...

AI score 5.8
Exploits: 0

vulnersOsv
added 2020/02/07 12:0 p.m. | views: 4

lightbeam (>=0.7.0 <=0.15.0), llama-wasm (>=0.1.0 <=0.5.0) +1 more potentially affected by unknown CVE via multi_mut (=0.1.3)

multi_mut CARGO version =0.1.3 is affected by a known vulnerability. The following packages have a transitive dependency on multi_mut and may be impacted: - lightbeam =0.7.0, =0.1.0, =0.7.0, =0.15.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2020-0169...

AI score 5.8
Exploits: 0

OSV
added 2020/02/07 12:0 p.m. | views: 2

RUSTSEC-2020-0169 multi_mut is Unmaintained

Last release was about 6 years ago. There is an outstanding soundness issue. The maintainer has not responded for two years to the existing soundness issue. Rust compiler has enabled errors relating to LLVM noalias rules and may not compile anymore whereas the old compiler versions had turned...

AI score 7.2
Exploits: 0 | References: 5

RustSec
added 2020/02/07 12:0 p.m. | views: 6

multi_mut is Unmaintained

Last release was about 6 years ago. There is an outstanding soundness issue. The maintainer has not responded for two years to the existing soundness issue. Rust compiler has enabled errors relating to LLVM noalias rules and may not compile anymore whereas the old compiler versions had turned...

AI score 7.2
Exploits: 0