637 matches found
RUSTSEC-2025-0067 `libyml::string::yaml_string_extend` is unsound and unmaintained
In version 0.0.4, libyml::string::yamlstringextend was revised resulting in undefined behaviour, which is unsound. The GitHub project for libyml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommende...
CVE-2025-10250 DJI Mavic Spark/Mavic Air/Mavic Mini Telemetry Channel hard-coded key
A weakness has been identified in DJI Mavic Spark, Mavic Air and Mavic Mini 01.00.0500. Affected is an unknown function of the component Telemetry Channel. Executing manipulation can lead to use of hard-coded cryptographic key . The attacker needs to be present on the local network. A high...
CVE-2025-10220
Use of Unmaintained Third Party Components CWE-1104 in the NuGet dependency components in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4 on Windows allows a remote attacker to execute arbitrary code or bypass security features via exploitation of vulnerable third-party packages such as...
CVE-2025-10220
Use of Unmaintained Third Party Components CWE-1104 in the NuGet dependency components in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4 on Windows allows a remote attacker to execute arbitrary code or bypass security features via exploitation of vulnerable third-party packages such as...
CVE-2025-10220 Outdated Third-Party NuGet Packages in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4
Use of Unmaintained Third Party Components CWE-1104 in the NuGet dependency components in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4 on Windows allows a remote attacker to execute arbitrary code or bypass security features via exploitation of vulnerable third-party packages such as...
AxxonSoft AxxonOne 安全漏洞
AxxonSoft AxxonOne is a video surveillance and security management software from AxxonSoft Ireland. A security vulnerability exists in AxxonSoft AxxonOne version 2.0.4 and earlier, which stems from the use of unmaintained third-party components and could lead to the execution of arbitrary code or...
RUSTSEC-2025-0066 The `google-apis-rs` project is now unmaintained
Instead, please start using and migrate to the official Google Rust bindings...
The `google-apis-rs` project is now unmaintained
Instead, please start using and migrate to the official Google Rust bindings...
crypto-hash crate is unmaintained
The crypto-hash crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives - crypto-hashes...
iron crate is unmaintained
The iron crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives See this comparison for popular alternatives...
servo-fontconfig crate is unmaintained
The servo-fontconfig crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives - fontconfig-rs...
RUSTSEC-2025-0059 servo-fontconfig crate is unmaintained
The servo-fontconfig crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives - fontconfig-rs...
RUSTSEC-2025-0061 iron crate is unmaintained
The iron crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives See this comparison for popular alternatives...
RUSTSEC-2025-0060 crypto-hash crate is unmaintained
The crypto-hash crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives - crypto-hashes...
RUSTSEC-2025-0058 custom_derive crate is unmaintained
The customderive crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives - strum - macro-attr...
custom_derive crate is unmaintained
The customderive crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives - strum - macro-attr...
RUSTSEC-2025-0056 adler crate is unmaintained, use adler2 instead
The adler crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives - adler2...
adler crate is unmaintained, use adler2 instead
The adler crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives - adler2...
Linux Distros Unpatched Vulnerability : CVE-2024-43407
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The...
CVE-2025-9308
A vulnerability has been found in yarnpkg Yarn up to 1.22.22. This impacts the function setOptions of the file src/util/request-manager.js. Such manipulation leads to inefficient regular expression complexity. Local access is required to approach this attack. This vulnerability only affects...