3466 matches found
[SECURITY] Fedora 44 Update: python-nh3-0.3.6-1.fc44
Python binding to Ammonia HTML sanitizer Rust crate...
[SECURITY] Fedora 43 Update: python-fastar-0.11.0-7.fc43
The fastar library wraps the Rust tar, flate2, and zstd crates, providing a high-performance way to work with compressed and uncompressed tar archives in Python...
[SECURITY] Fedora 44 Update: python-rpds-py-0.29.0-4.fc44
Python bindings to the Rust rpds crate...
CVE-2026-49989
creationtimestamp| type| source ---|---|--- 2026-07-01 20:35:07+00:00| published-proof-of-concept| https://github.com/crate/crate/security/advisories/GHSA-2xv8-gjwh-fv8p...
EUVD-2026-31658
Cargo crates in third party registries can override the cached source of other crates...
CVE-2026-8918
A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a system crash BSOD by bypassing the validation mechanism.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security Advisory...
CVE-2026-8918
A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a system crash BSOD by bypassing the validation mechanism.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security Advisory...
CVE-2026-8918
A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a system crash BSOD by bypassing the validation mechanism.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security Advisory...
CVE-2026-8918
The CVE concerns ASUS Armoury Crate. A permissive input validation allows a local administrator to bypass checks and perform arbitrary memory read/write or trigger a system crash (BSOD). Affected software is ASUS Armoury Crate; the underling issue is permissive input validation in the input handl...
EUVD-2026-38205
A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a system crash BSOD by bypassing the validation mechanism.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security Advisory...
PT-2026-51273
Name of the Vulnerable Software and Affected Versions ASUS Armoury Crate affected versions not specified Description A permissive list of allowed inputs allows a local administrator to bypass the validation mechanism. This can lead to arbitrary memory read/write operations or cause a system crash...
`onering` 1.4.1 was removed from crates.io for malicious code
A new version of the onering crate was published with code that attempted to exfiltrate both metadata and code from the project it was included within. One malicious version was published on 2026-06-10, approximately six hours before removal. This crate has no dependencies on crates.io, and there...
PT-2026-49131
The tide crate is unmaintained, and all versions are affected. The closest maintained alternative might be trillium. See this issue for more context...
PT-2026-49130
The surf crate is unmaintained, and all versions are affected. For alternatives, consider using reqwest or ureq. See this issue for more context...
RUSTSEC-2026-0171 `logflux` was removed from crates.io for malicious code
The logflux crate attempted to download and run a malicious payload on the user's machine. The malicious crate had 1 version published on 2026-04-26, approximately 1 month before removal, and had no evidence of actual usage. This crate had no dependencies on crates.io. Thanks to Paweł Bis for...
PT-2026-49098
The logflux crate attempted to download and run a malicious payload on the user's machine. The malicious crate had 1 version published on 2026-04-26, approximately 1 month before removal, and had no evidence of actual usage. This crate had no dependencies on crates.io. Thanks to Paweł Bis for...
`exploration` was removed from crates.io for malicious code
A method within the exploration crate attempted to download and execute a payload from a remote site. The malicious crate had 1 version published on 2026-06-02, approximately 1 hour before removal, and had no evidence of actual usage. This crate had no dependencies on crates.io. Thanks to Kirill...
PT-2026-48942
A method within the exploration crate attempted to download and execute a payload from a remote site. The malicious crate had 1 version published on 2026-06-02, approximately 1 hour before removal, and had no evidence of actual usage. This crate had no dependencies on crates.io. Thanks to Kirill...
CVE-2026-8070
Incorrect permission assignment for a critical resource in Armoury Crate allows a local user to bypass the driver’s validation mechanism, resulting in unauthorized read and write access to physical memory.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security Advisory...
dicom-transfer-syntax-registry (>=0.8.2 <=0.9.1), dset (>=0.1.0 <=0.1.2) +10 more potentially affected by unknown CVE via jxl-grid (>=0.1.1 <=0.5.3)
jxl-grid CARGO version =0.1.1, =0.8.2, =0.1.0, =0.1.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.4.0, =0.5.0-rc0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0151...