Lucene search
K

3466 matches found

Fedora
Fedora
added 5 days ago9 views

[SECURITY] Fedora 44 Update: python-nh3-0.3.6-1.fc44

Python binding to Ammonia HTML sanitizer Rust crate...

5.9AI score
Exploits0
Fedora
Fedora
added 6 days ago13 views

[SECURITY] Fedora 43 Update: python-fastar-0.11.0-7.fc43

The fastar library wraps the Rust tar, flate2, and zstd crates, providing a high-performance way to work with compressed and uncompressed tar archives in Python...

6AI score
Exploits0
Fedora
Fedora
added 2026/07/06 2:55 p.m.17 views

[SECURITY] Fedora 44 Update: python-rpds-py-0.29.0-4.fc44

Python bindings to the Rust rpds crate...

5.9AI score
Exploits0
Circl
Circl
added 2026/07/01 8:35 p.m.9 views

CVE-2026-49989

creationtimestamp| type| source ---|---|--- 2026-07-01 20:35:07+00:00| published-proof-of-concept| https://github.com/crate/crate/security/advisories/GHSA-2xv8-gjwh-fv8p...

5.8AI score
Exploits0References1
EUVD
EUVD
added 2026/06/26 9:48 p.m.22 views

EUVD-2026-31658

Cargo crates in third party registries can override the cached source of other crates...

6.5CVSS5.8AI score0.00294EPSS
Exploits0References5
NVD
NVD
added 2026/06/22 3:16 a.m.16 views

CVE-2026-8918

A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a system crash BSOD by bypassing the validation mechanism.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security Advisory...

7.1CVSS0.00224EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 2:0 a.m.3 views

CVE-2026-8918

A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a system crash BSOD by bypassing the validation mechanism.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security Advisory...

7.1CVSS6AI score0.00224EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/22 2:0 a.m.34 views

CVE-2026-8918

A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a system crash BSOD by bypassing the validation mechanism.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security Advisory...

7.1CVSS0.00224EPSS
Exploits0References1
CVE
CVE
added 2026/06/22 2:0 a.m.17 views

CVE-2026-8918

The CVE concerns ASUS Armoury Crate. A permissive input validation allows a local administrator to bypass checks and perform arbitrary memory read/write or trigger a system crash (BSOD). Affected software is ASUS Armoury Crate; the underling issue is permissive input validation in the input handl...

7.1CVSS6AI score0.00224EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/22 2:0 a.m.8 views

EUVD-2026-38205

A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a system crash BSOD by bypassing the validation mechanism.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security Advisory...

7.1CVSS6AI score0.00224EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.19 views

PT-2026-51273

Name of the Vulnerable Software and Affected Versions ASUS Armoury Crate affected versions not specified Description A permissive list of allowed inputs allows a local administrator to bypass the validation mechanism. This can lead to arbitrary memory read/write operations or cause a system crash...

7.1CVSS5.9AI score0.00224EPSS
Exploits0References9
RustSec
RustSec
added 2026/06/10 12:0 p.m.16 views

`onering` 1.4.1 was removed from crates.io for malicious code

A new version of the onering crate was published with code that attempted to exfiltrate both metadata and code from the project it was included within. One malicious version was published on 2026-06-10, approximately six hours before removal. This crate has no dependencies on crates.io, and there...

5.6AI score
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.10 views

PT-2026-49131

The tide crate is unmaintained, and all versions are affected. The closest maintained alternative might be trillium. See this issue for more context...

5.2AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.14 views

PT-2026-49130

The surf crate is unmaintained, and all versions are affected. For alternatives, consider using reqwest or ureq. See this issue for more context...

5.2AI score
Exploits0References4
OSV
OSV
added 2026/06/03 12:0 p.m.13 views

RUSTSEC-2026-0171 `logflux` was removed from crates.io for malicious code

The logflux crate attempted to download and run a malicious payload on the user's machine. The malicious crate had 1 version published on 2026-04-26, approximately 1 month before removal, and had no evidence of actual usage. This crate had no dependencies on crates.io. Thanks to Paweł Bis for...

5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.17 views

PT-2026-49098

The logflux crate attempted to download and run a malicious payload on the user's machine. The malicious crate had 1 version published on 2026-04-26, approximately 1 month before removal, and had no evidence of actual usage. This crate had no dependencies on crates.io. Thanks to Paweł Bis for...

5.4AI score
Exploits0References3
RustSec
RustSec
added 2026/06/02 12:0 p.m.14 views

`exploration` was removed from crates.io for malicious code

A method within the exploration crate attempted to download and execute a payload from a remote site. The malicious crate had 1 version published on 2026-06-02, approximately 1 hour before removal, and had no evidence of actual usage. This crate had no dependencies on crates.io. Thanks to Kirill...

5.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.24 views

PT-2026-48942

A method within the exploration crate attempted to download and execute a payload from a remote site. The malicious crate had 1 version published on 2026-06-02, approximately 1 hour before removal, and had no evidence of actual usage. This crate had no dependencies on crates.io. Thanks to Kirill...

5.6AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/30 8:13 a.m.17 views

CVE-2026-8070

Incorrect permission assignment for a critical resource in Armoury Crate allows a local user to bypass the driver’s validation mechanism, resulting in unauthorized read and write access to physical memory.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security Advisory...

7.3CVSS5.8AI score0.0009EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/05/29 12:0 p.m.9 views

dicom-transfer-syntax-registry (>=0.8.2 <=0.9.1), dset (>=0.1.0 <=0.1.2) +10 more potentially affected by unknown CVE via jxl-grid (>=0.1.1 <=0.5.3)

jxl-grid CARGO version =0.1.1, =0.8.2, =0.1.0, =0.1.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.4.0, =0.5.0-rc0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0151...

5.5AI score
Exploits0
Rows per page
Query Builder