Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Github Security Blog
Github Security Blogadded 2022/09/16 5:41 p.m.18 views

linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend`

Impact What kind of vulnerability is it? Who is impacted? This vulnerability impacts all the initialization functions on the Heap and LockedHeap types, including Heap::new, Heap::init, Heap::initfromslice, and LockedHeap::new. It also affects multiple uses of the Heap::extend method. Initializati...

9.8CVSS9AI score0.00297EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blogadded 2022/08/06 5:20 a.m.265 views

Rust-WebSocket memory allocation based on untrusted length

Impact Untrusted websocket connections can cause an out-of-memory OOM process abort in a client or a server. The root cause of the issue is during dataframe parsing. Affected versions would allocate a buffer based on the declared dataframe size, which may come from an untrusted source. When...

7.5CVSS7.2AI score0.00712EPSS
Exploits0References7Affected Software1
OSV
OSVadded 2022/08/06 5:20 a.m.42 views

GHSA-QRJV-RF5Q-QPXC Rust-WebSocket memory allocation based on untrusted length

Impact Untrusted websocket connections can cause an out-of-memory OOM process abort in a client or a server. The root cause of the issue is during dataframe parsing. Affected versions would allocate a buffer based on the declared dataframe size, which may come from an untrusted source. When...

7.5CVSS7.4AI score0.00712EPSS
Exploits0References7
Github Security Blog
Github Security Blogadded 2022/06/21 8:12 p.m.14 views

Reachable Assertion in rulex

Impact When parsing untrusted rulex expressions, rulex may crash, possibly enabling a Denial of Service attack. This happens when the expression contains a multi-byte UTF-8 code point in a string literal or after a backslash, because rulex tries to slice into the code point and panics as a result...

6.5CVSS6.5AI score0.0042EPSS
Exploits0References5Affected Software1
The Hacker News
The Hacker Newsadded 2020/03/24 8:6 p.m.0 views

Critical RCE Bug Affects Millions of OpenWrt-based Network Devices

A cybersecurity researcher today disclosed technical details and proof-of-concept of a critical remote code execution vulnerability affecting OpenWrt , a widely used Linux-based operating system for routers, residential gateways, and other embedded devices that route network traffic. Tracked as...

8.1CVSS8.2AI score0.00323EPSS
Exploits3
OpenSSL
OpenSSLadded 2016/11/10 12:0 a.m.36 views

Vulnerability in OpenSSL - CMS Null dereference

Applications parsing invalid CMS structures can crash with a NULL pointer dereference. This is caused by a bug in the handling of the ASN.1 CHOICE type in OpenSSL 1.1.0 which can result in a NULL value being passed to the structure callback if an attempt is made to free certain invalid encodings...

6.4AI score0.01059EPSS
Exploits0Affected Software1
Rows per page
Query Builder