217 matches found
GHSA-3M6F-3GFG-4X56 Panic on incorrect date input to `simple_asn1`
Version 0.6.0 of the simple_asn1 crate panics on certain malformed inputs to its parsing functions, including from_der and der_decode. Because this crate is frequently used with inputs from the network, this should be considered a security vulnerability. The issue occurs when parsing the old ASN.1...
a2 (>=0.5.0-alpha.6 <=0.5.0-alpha.7), abci-rs (=0.2.0) +425 more potentially affected by unknown CVE via crossbeam-queue (>=0.1.2 <=0.2.0)
crossbeam-queue CARGO version =0.1.2, =0.5.0-alpha.6, =0.0.2, =0.0.1, =0.1.0-alpha.2, =0.1.5, =0.12.0, =0.5.0, =0.1.0, =0.3.0 - amethyst-navigation =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0021...
a2 (>=0.2.0 <=0.3.6), abc (>=0.1.0 <=0.2.3) +521 more potentially affected by unknown CVE via crossbeam (>=0.1.6 <=0.6.0)
crossbeam CARGO version =0.1.6, =0.2.0, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.2.0, =0.5.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.8.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0020...
deno (>=0.35.0 <=1.3.0), diss (>=0.0.1 <=0.2.10) +8 more potentially affected by unknown CVE via pty (>=0.1.6 <=0.2.2)
pty CARGO version =0.1.6, =0.35.0, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.0.0, =0.1.0 - webterm-rs =0.1.4 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0015...
openssl-sys (>=0.9.35 <=0.9.37) potentially affected by CVE-2022-0778 via openssl-src (=110.0.7+1.1.0i)
openssl-src CARGO version =110.0.7+1.1.0i is affected by a known vulnerability. The following packages have a transitive dependency on openssl-src and may be impacted: - openssl-sys =0.9.35, =0.9.37 Source cves: CVE-2022-0778 Source advisory: OSV:RUSTSEC-2022-0014...
auto-wasi (=0.1.0), ceres-executor (>=0.1.0 <=0.2.0) +43 more potentially affected by CVE-2022-23636 +1 more via wasmtime (>=0.10.0 <=0.33.0)
wasmtime CARGO version =0.10.0, =0.1.0, =0.40.1, =0.45.0, =0.1.0, =0.1.0, =0.3.3, =0.1.0, =0.8.0, =0.8.0, =0.8.1 - tc-executor-wasmtime =0.8.0 and more Source cves: CVE-2022-23636, CVE-2022-31169 Source advisory: OSV:RUSTSEC-2022-0096...
RUSTSEC-2022-0096 Invalid drop of VMExternRef from partially-initialized instances in the pooling instance allocator
This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-88xq-w8cq-xfg7. For more information see the GitHub-hosted security advisory...
bme280-multibus (>=0.1.0 <=0.2.1), eeprom25aa02e48 (>=0.1.0 <=0.2.0) potentially affected by unknown CVE via ftd2xx-embedded-hal (>=0.1.0 <=0.9.1)
ftd2xx-embedded-hal CARGO version =0.1.0, =0.1.0, =0.1.0, =0.2.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0005...
odbc-avro (>=0.1.0 <=0.2.1), odbc-iter (>=0.1.0 <=0.2.7) +6 more potentially affected by unknown CVE via odbc (>=0.10.2 <=0.9.17)
odbc CARGO version =0.10.2, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.1, =0.1.0, =0.1.1 - unidbpgsql =0.1.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0039...
azoth (=0.1.0), azoth-lmdb (>=0.1.0 <=0.2.5) +26 more potentially affected by unknown CVE via lmdb (>=0.7.2 <=0.8.0)
lmdb CARGO version =0.7.2, =0.1.0, =0.1.0, =0.4.0, =0.1.0, =0.1.0, =0.1.0, =0.9.3, =0.1.0, =1.3.3, =0.1.0, =0.1.0, =0.5.0, =0.8.4 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0001...
GSL (>=0.4.25 <=0.4.26), IMAPServer (=0.0.0) +4479 more potentially affected by unknown CVE via rustc-serialize (>=0.1.5 <=0.3.25)
rustc-serialize CARGO version =0.1.5, =0.4.25, =0.1.0, =0.1.7, =0.2.0-beta.4, =0.0.6, =0.1.0, =0.2.1, =0.1.4, =0.1.1, =0.3.0 - ace-test-lib =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0004...
adiscord (>=0.0.1 <=0.0.3), alpaca-data-api (>=0.1.0 <=0.1.2) +20 more potentially affected by unknown CVE via dotenv_codegen (>=0.10.0 <=0.9.3)
dotenv_codegen CARGO version =0.10.0, =0.0.1, =0.1.0, =0.5.0, =0.1.0, =0.1.0, =0.1.2, =0.7.0, =0.1.0, =0.1.0, =0.3.0 - meep =1.0.1 - ncrsdk =0.1.0 - new-rawr =0.0.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2021-0142...
arrow (>=0.14.0 <=4.4.0), arrow-flight (>=2.0.0 <=4.4.0) +73 more potentially affected by unknown CVE via flatbuffers (>=0.4.0 <=22.12.6)
flatbuffers CARGO version =0.4.0, =0.14.0, =2.0.0, =1.0.0, =0.2.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.17.0, =0.1.1, =0.1.0, =0.1.0, =0.1.3 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2021-0122...
RUSTSEC-2021-0144 traitobject is Unmaintained
Crate traitobject has not had a release for over five years. In addition there is an existing security advisory that has not been addressed: RUSTSEC-2020-0027. Possible Alternatives: The below list has not been vetted in any way and may or may not contain alternatives: destructure_traitobject...
GHSA-V5M7-53CV-F3HX crossbeam-channel Undefined Behavior before v0.4.4
Impact: In the affected version of this crate, the bounded channel incorrectly assumes that Vec::from_iter has allocated capacity equal to the number of iterator elements. Vec::from_iter does not actually guarantee that and may allocate extra memory. The destructor of the bounded channel...
LemoGUI (=0.0.1-nightly), acidalia (>=0.1.0 <=0.1.3) +215 more potentially affected by unknown CVE via spirv_headers (>=1.4.2 <=1.5.0)
spirv_headers CARGO version =1.4.2, =0.1.0, =0.1.0, =0.5.4, =1.0.9, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.4.0, =0.6.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2021-0096...
Boa (>=0.4.0 <=0.13.1), HPGO (=0.9.2) +3715 more potentially affected by unknown CVE via serde_cbor (>=0.10.2 <=0.9.0)
serde_cbor CARGO version =0.10.2, =0.4.0, =0.1.0, =0.1.0, =0.1.0, =0.0.2, =0.4.1, =0.8.0, =0.9.0, =0.1.0, =0.1.0, =1.0.0, =1.0.3 - accurate =0.3.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2021-0127...
RUSTSEC-2021-0103 Partial read is incorrect in molecule
Anyone who uses the total_size(..) function to partially read the length of any FixVec will get an incorrect result, due to an incorrect implementation. This has been resolved in the 0.7.2 release...