Heap overflow
TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of service via dereferencing nullptrs or via CHECK-failures as well as abuse undefined behavior binding...
RUSTSEC-2021-0144 traitobject is Unmaintained
Crate traitobject has not had a release for over five years. In addition there is an existing security advisory that has not been addressed: - RUSTSEC-2020-0027 Possible Alternatives The below list has not been vetted in any way and may or may not contain alternatives: - destructure_traitobject...
PT-2021-21528 · Poly · Poly Cx5500 +1
Name of the Vulnerable Software and Affected Versions: Poly CX5500 and CX5100 version 1.3.5 Description: A command-injection vulnerability in an authenticated Telnet connection leads to Privilege Escalation and Remote Code Execution capability. This issue only affects products that are no longer...
RUSTSEC-2021-0147 `daemonize` is Unmaintained
Last release was over four years ago. The crate contains undocumented unsafe behind safe fns. An issue inquiring as to possible updates has gone unanswered by the maintainer. Possible Alternatives The below list has not been vetted in any way and may or may not contain alternatives: - daemonize-m...
CVE-2021-39613
D-Link DVG-3104MS version 1.0.2.0.3, 1.0.2.0.4, and 1.0.2.0.4E contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. As weak passwords have been used, the plaintext passwords can be recovered from the hash values. NOTE: This vulnerability only affects products...
RUSTSEC-2021-0139 ansi_term is Unmaintained
The maintainer has advised that this crate is deprecated and will not receive any maintenance. The crate does not seem to have many dependencies and may or may not be ok to use as-is. Last release seems to have been three years ago. Possible Alternatives The below list has not been vetted in any...
spirv_headers is unmaintained, use spirv instead
Because of versioning issues, the spirv_headers crate is unmaintained. Use spirv for parsing spirv files...
RUSTSEC-2021-0127 serde_cbor is unmaintained
The serde_cbor crate is unmaintained. The author has archived the GitHub repository. Alternatives proposed by the author: ciborium, minicbor...
Per Page Add to Head <= 1.4.4 - Authenticated Stored XSS
The plugin does not properly sanitise one of its settings, allowing malicious HTML to be inserted by high privilege users even when the unfiltered_html capability is disallowed, which could lead to Cross-Site Scripting issues. Note: The plugin is no longer maintained. PoC Put the following payload ...
RUSTSEC-2021-0145 Potential unaligned read
On Windows, atty dereferences a potentially unaligned pointer. In practice, however, the pointer won't be unaligned unless a custom global allocator is used. In particular, the System allocator on Windows uses HeapAlloc, which guarantees a large enough alignment. atty is Unmaintained A Pull Reques...
CVE-2021-22181
A denial of service vulnerability in GitLab CE/EE affecting all versions since 11.8 allows an attacker to create a recursive pipeline relationship and exhaust resources...
RUSTSEC-2021-0065 anymap is unmaintained.
The anymap crate does not appear to be maintained, and the most recent published version 0.12.1 includes a soundness bug. This has been fixed a few years ago, but was never released...
RUSTSEC-2021-0140 rusttype is Unmaintained
The maintainer has advised this crate is deprecated and will not receive any maintenance. The maintainer has further advised to migrate over to ab_glyph. Last release seems to have been over two years ago. Possible Alternatives The below list has not been vetted in any way and may or may not conta...
Synology DiskStation Manager Using Unmaintained Third-Party Components Vulnerability
Synology DiskStation Manager (DSM) is an operating system for use on Network Storage Servers (NAS) from Synology Inc. of Taiwan, China. This operating system manages information such as data, files, photos, music, and more. A security vulnerability exists in faad in Synology DiskStation Manager...