727 matches found
GetPDB (>=0.1.0 <=1.0.1), IMAPServer (=0.1.0) +3081 more potentially affected by unknown CVE via tokio-tcp (>=0.1.4 <=0.2.0-alpha.1)
tokio-tcp CARGO version =0.1.4, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.5.3, =0.2.1, =0.1.0, =0.1.0, =0.1.0, =0.8.0, =0.13.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0059...
GetPDB (>=0.1.0 <=1.0.1), IMAPServer (=0.1.0) +3114 more potentially affected by unknown CVE via tokio-reactor (>=0.1.12 <=0.2.0-alpha.1)
tokio-reactor CARGO version =0.1.12, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.5.3, =0.2.1, =0.1.0, =0.1.0, =0.1.0, =0.8.0, =0.13.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0057...
graph-generator-lib (>=0.1.0 <=0.1.10), libunftp (>=0.6.0 <=0.6.1) +7 more potentially affected by unknown CVE via tokio-compat (=0.1.6)
tokio-compat CARGO version =0.1.6 is affected by a known vulnerability. The following packages have a transitive dependency on tokio-compat and may be impacted: - graph-generator-lib =0.1.0, =0.6.0, =0.1.0, =0.1.3 - parity-runtime =0.1.2 - price-info =1.12.0 - rudolfs =0.2.11 - sccache =0.2.15 -...
IMAPServer (=0.1.0), NeteaseCloudMusicRustApi (=0.1.1) +2121 more potentially affected by unknown CVE via tokio-codec (>=0.1.2 <=0.2.0-alpha.6)
tokio-codec CARGO version =0.1.2, =0.1.0, =0.2.0, =0.5.3, =0.2.1, =0.1.0, =0.4.0, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =1.0.0-alpha.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0056...
GetPDB (>=0.1.0 <=1.0.1), IMAPServer (=0.1.0) +3135 more potentially affected by unknown CVE via tokio-timer (>=0.1.2 <=0.3.0-alpha.6)
tokio-timer CARGO version =0.1.2, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.5.3, =0.2.1, =0.1.0, =0.1.0, =0.1.0, =0.9.1 - acme-lib-load-order =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0060...
GetPDB (>=0.1.0 <=1.0.1), IMAPServer (=0.1.0) +3183 more potentially affected by unknown CVE via tokio-sync (>=0.1.8 <=0.2.0-alpha.6)
tokio-sync CARGO version =0.1.8, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.5.3, =0.2.1, =0.1.0, =0.1.0, =0.1.0, =0.9.1 - acme-lib-load-order =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0052...
BeerHolderBot (>=0.1.0 <=0.3.6), NeteaseCloudMusicRustApi (=0.1.1) +1848 more potentially affected by unknown CVE via tokio-tls (>=0.2.1 <=0.3.1)
tokio-tls CARGO version =0.2.1, =0.1.0, =0.0.2, =0.1.0, =0.1.0, =0.7.0, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =0.4.0, =0.4.1 - actix-server =0.8.0-alpha.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0053...
IMAPServer (=0.1.0), NeteaseCloudMusicRustApi (=0.1.1) +1946 more potentially affected by unknown CVE via tokio-udp (>=0.1.0 <=0.2.0-alpha.1)
tokio-udp CARGO version =0.1.0, =0.1.0, =0.2.0, =0.5.3, =0.2.1, =0.1.0, =0.4.0, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0 - actix-cors =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0064...
GetPDB (>=0.1.0 <=1.0.1), IMAPServer (=0.1.0) +3364 more potentially affected by unknown CVE via tokio-io (>=0.1.13 <=0.2.0-alpha.6)
tokio-io CARGO version =0.1.13, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.5.3, =0.2.1, =0.1.1, =0.1.0, =0.1.0, =0.1.0, =0.9.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0058...
GetPDB (>=0.1.0 <=1.0.1), IMAPServer (=0.1.0) +3030 more potentially affected by unknown CVE via tokio-current-thread (>=0.1.7 <=0.2.0-alpha.1)
tokio-current-thread CARGO version =0.1.7, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.5.3, =0.2.1, =0.1.0, =0.1.0, =0.1.0, =0.8.0, =0.13.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0054...
adventure-rusoto-ecs (=0.4.0), adventure-rusoto-sns (=0.4.0) +240 more potentially affected by unknown CVE via tokio-process (>=0.1.6 <=0.3.0-alpha.2)
tokio-process CARGO version =0.1.6, =0.0.2, =0.0.1, =0.1.5, =0.1.0, =0.2.1, =0.3.0, =0.1.0, =0.21.0, =0.2.0, =0.6.0, =0.6.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0055...
GetPDB (>=0.1.0 <=1.0.1), IMAPServer (=0.1.0) +3227 more potentially affected by unknown CVE via tokio-executor (>=0.1.10 <=0.2.0-alpha.6)
tokio-executor CARGO version =0.1.10, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.5.3, =0.2.1, =0.1.0, =0.1.0, =0.1.0, =0.9.1 - acme-lib-load-order =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0063...
Brains (>=0.1.0 <=0.2.0), MFEKmath (>=0.1.0 <=0.1.1) +1604 more potentially affected by CVE-2026-33055 via tar (>=0.2.14 <=0.4.40)
tar CARGO version =0.2.14, =0.1.0, =0.1.0, =0.1.0, =0.10.2, =0.1.0, =0.1.2, =0.23.0, =0.23.0, =0.9.0, =1.2.0, =0.5.4, =0.5.4, =1.0.1 and more Source cves: CVE-2026-33055 Source advisory: OSV:RUSTSEC-2026-0068...
Brains (>=0.1.0 <=0.2.0), MFEKmath (>=0.1.0 <=0.1.1) +1604 more potentially affected by CVE-2026-33056 via tar (>=0.2.14 <=0.4.40)
tar CARGO version =0.2.14, =0.1.0, =0.1.0, =0.1.0, =0.10.2, =0.1.0, =0.1.2, =0.23.0, =0.23.0, =0.9.0, =1.2.0, =0.5.4, =0.5.4, =1.0.1 and more Source cves: CVE-2026-33056 Source advisory: OSV:RUSTSEC-2026-0067...
openSUSE 16 Security Update : rust-keylime (openSUSE-SU-2026:20364-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20364-1 advisory. - Update to version 0.2.8+116: - CVE-2026-25727: Update vendored crates to fix a date parser can lead to stack exhaustion in Time. bsc1257908...
OPENSUSE-SU-2026:20364-1 Security update for rust-keylime
This update for rust-keylime fixes the following issues: - Update to version 0.2.8+116: - CVE-2026-25727: Update vendored crates to fix a date parser can lead to stack exhaustion in Time. bsc1257908...
`tracing-ethers` was removed from crates.io due to malicious code
The tracing-ethers crate attempted to exfiltrate ssh keys to an app hosted on vercel.app The malicious crate had 9 version published on 2026-03-09 approximately 5 days before removal and had no evidence of actual downloads. There were no crates depending on this crate on crates.io. Thanks to the...
Security Bulletin: IBM Edge Data Collector uses nix-0.26.4.crate, nix-0.29.0.crate, tokio-util-0.6.10.crate, tokio-util-0.7.13.crate which is vulnerable to CVE-2021-41248.
Summary IBM Edge Data Collector uses nix-0.26.4.crate, nix-0.29.0.crate, tokio-util-0.6.10.crate, tokio-util-0.7.13.crate which is vulnerable to CVE-2021-41248. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2021-41248 DESCRIPTION: GraphiQL is the...
acril (=0.1.0), acril-http (=0.1.0) +883 more potentially affected by unknown CVE via http-types (>=1.3.1 <=2.12.0)
http-types CARGO version =1.3.1, =4.0.0, =0.1.0, =0.1.0, =0.3.0, =0.10.0, =0.3.0, =0.1.0, =0.1.0, =0.6.0, =0.0.1, =0.0.6 - aquadoggo =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0174...
Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets
Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors. The Rust packages, published to crates.io, are listed below - chronoanchor dnp3times timecalibrator timecalibrators time-sync The crates,...