Lucene search

2519 matches found

UbuntuCve
added 2026/05/07 12:0 a.m. | 8 views

CVE-2026-42217

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, readVariableLengthInteger decodes a variable-length integer fro...

9.8 CVSS | 5.8 AI score | 0.00393 EPSS
Exploits: 1 | References: 3
Positive Technologies
added 2026/05/07 12:0 a.m. | 10 views

PT-2026-38335

Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.0.0 through 3.2.8 OpenEXR versions 3.3.0 through 3.3.10 OpenEXR versions 3.4.0 through 3.4.10 Description The readVariableLengthInteger function decodes a variable-length integer from untrusted EXR input without bounding the...

9.8 CVSS | 5.9 AI score | 0.00393 EPSS
Exploits: 1 | References: 34
Tenable Nessus
added 2026/05/06 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43141

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntb: ntb_hw_switchtec: Fix shift-out-of-bounds for 0 mw lut Number of MW LUTs depends on NTB configuration and can be set to zero, in such scenario...

7.1 CVSS | 5.8 AI score | 0.00131 EPSS
Exploits: 0 | References: 2
OSV
added 2026/05/05 9:46 p.m. | 6 views

GHSA-XP3W-R5P5-63RR rust-openssl has undefined behavior in X509Ref::ocsp_responders for certificates with non-UTF-8 OCSP URLs

X509Ref::ocsp_responders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::from_utf8_unchecked. OpenSSL does not enforce that the underlying IA5String is ASCII, so a certificate with non-UTF-8 bytes in its OCSP accessLocation...

8.7 CVSS | 5.9 AI score | 0.00211 EPSS
Exploits: 0 | References: 3
Github Security Blog
added 2026/05/05 9:46 p.m. | 9 views

rust-openssl has undefined behavior in X509Ref::ocsp_responders for certificates with non-UTF-8 OCSP URLs

X509Ref::ocsp_responders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::from_utf8_unchecked. OpenSSL does not enforce that the underlying IA5String is ASCII, so a certificate with non-UTF-8 bytes in its OCSP accessLocation...

8.7 CVSS | 5.9 AI score | 0.00211 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
Positive Technologies
added 2026/05/05 12:0 a.m. | 12 views

PT-2026-37265

Name of the Vulnerable Software and Affected Versions rust-openssl versions 0.9.7 through 0.10.78 Description The X509Ref::ocsp_responders function returns OCSP responder URLs from a certificate's AIA extension as OpensslString. The Deref implementation wraps raw bytes using str::from_utf8...

8.7 CVSS | 5.9 AI score | 0.00211 EPSS
Exploits: 0 | References: 7
OSV
added 2026/05/02 12:0 p.m. | 6 views

RUSTSEC-2026-0133 Invalid pointer arithmetic in `iter()` and `iter_mut()`

The `iter` and `iter_mut` APIs compute `current = (&children[0] as *const *const RawAutoChild).sub(1)`, which performs pointer subtraction going before the start of the allocation. This is undefined behavior per Rust's pointer arithmetic rules. This can be triggered through safe public APIs — `iter` and `iter_mut` —...

5.8 AI score
Exploits: 0 | References: 3
OSV
added 2026/05/02 12:0 p.m. | 6 views

RUSTSEC-2026-0123 Out-of-bounds read in `bytes_helper` public safe functions

The `bytes_helper` module contains multiple public functions intoarr4, intoarr2, u8fromlebytes that use `slice.get_unchecked(pos..pos + N)` without verifying that `pos + N <= slice.len()`. These are public safe API functions, allowing any caller to trigger undefined behavior by passing invalid positions. For...

5.8 AI score
Exploits: 0 | References: 3
RustSec
added 2026/05/02 12:0 p.m. | 12 views

Invalid pointer arithmetic in `iter()` and `iter_mut()`

The `iter` and `iter_mut` APIs compute `current = (&children[0] as *const *const RawAutoChild).sub(1)`, which performs pointer subtraction going before the start of the allocation. This is undefined behavior per Rust's pointer arithmetic rules. This can be triggered through safe public APIs — `iter` and `iter_mut` —...

5.8 AI score
Exploits: 0
RustSec
added 2026/05/02 12:0 p.m. | 12 views

Null-pointer dereference and double-free via safe APIs

Two soundness violations exist in the Rust bindings for MetaCall: Null-pointer dereference: MetaCallFuture::newraw accepts a raw pointer without validation. The Debug impl calls Box::from_raw(self.data) on it. Passing a null pointer causes the Debug impl to construct a NonNull from null, producing...

5.8 AI score
Exploits: 0
CNNVD
added 2026/05/01 12:0 a.m. | 8 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unchecked index mapping error in the ALSA ctxfi driver, which could lead to undefined behavior...

5.5 CVSS | 5.8 AI score | 0.00107 EPSS
Exploits: 0 | References: 1
CNNVD
added 2026/05/01 12:0 a.m. | 6 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to ensure that names end with a null character in netfilter xtables, which could lead to undefined...

7.1 CVSS | 5.8 AI score | 0.00126 EPSS
Exploits: 0 | References: 1
CNNVD
added 2026/05/01 12:0 a.m. | 7 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to deny immediate NFQUEUE verdicts in netfilter nftables, which could lead to undefined behavior...

5.5 CVSS | 5.8 AI score | 0.00123 EPSS
Exploits: 0 | References: 1
CNNVD
added 2026/04/30 12:0 a.m. | 8 views

Linux kernel security vulnerability

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper initialization of certain local variables during replay requests, potentially leading to...

7.8 CVSS | 5.8 AI score | 0.00129 EPSS
Exploits: 0 | References: 1
Tenable Nessus
added 2026/04/29 12:0 a.m. | 6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-015470)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-015470 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior...

6.1 CVSS | 6.1 AI score | 0.0038 EPSS
Exploits: 1 | References: 4
OSV
added 2026/04/24 3:57 p.m. | 5 views

GHSA-38C5-483C-4QQP Grid: Integer Overflow in Grid::expand_rows Leads to Safe-API Undefined Behavior

Summary An integer overflow in Grid::expand_rows can corrupt the relationship between the grid’s logical dimensions and its backing storage. After the internal invariant is broken, the safe API get may invoke get_unchecked with an invalid index, resulting in Undefined Behavior. Details Tested...

6.2 CVSS | 5.4 AI score | 0.00132 EPSS
Exploits: 0 | References: 5
Github Security Blog
added 2026/04/24 3:57 p.m. | 13 views

Grid: Integer Overflow in Grid::expand_rows Leads to Safe-API Undefined Behavior

Summary An integer overflow in Grid::expand_rows can corrupt the relationship between the grid’s logical dimensions and its backing storage. After the internal invariant is broken, the safe API get may invoke get_unchecked with an invalid index, resulting in Undefined Behavior. Details Tested...

6.2 CVSS | 5.3 AI score | 0.00132 EPSS
Exploits: 0 | References: 5 | Affected Software: 1
RustSec
added 2026/04/24 12:0 p.m. | 11 views

Unsound transmute while debug/display printing batch Insert statements in Diesel's SQLite backend

Diesel allows users to output the generated SQL for any query DSL construct via the diesel::debug_query function as Display and Debug output. For the particular implementation used by batch Insert statements in the SQLite backend Diesel relied on an unspecified transmute between types with a reprru...

5.9 AI score
Exploits: 0 | Affected Software: 1
OSV
added 2026/04/24 12:0 p.m. | 7 views

RUSTSEC-2026-0134 Unsound access to padding bytes while serializing date/time values using the Mysql backend

Diesel relies on libmysqlclient for interacting with Mysql compatible databases. This library requires to provide date/time values according to the byte layout of their MYSQL_TIME type. Diesel replicated this type as #[repr(C)] struct, populated all the fields of this struct and then casted this value ...

5.8 AI score
Exploits: 0 | References: 3
Positive Technologies
added 2026/04/24 12:0 a.m. | 10 views

PT-2026-37174

Name of the Vulnerable Software and Affected Versions Grid versions 0.17.0 through 1.0.0 Description An integer overflow in the expand_rows function can corrupt the relationship between the grid's logical dimensions and its backing storage. This occurs because the function computes the new backin...

6.2 CVSS | 5.8 AI score | 0.00132 EPSS
Exploits: 0 | References: 7