CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2020/12/31 12:0 a.m.•2 views

Rust Resource Management Error Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust image crate before 0.23.12, which stems from mutable references having immutable origins. In the case of LLVM, the IR may always be correct...

5.5CVSS5.8AI score0.00054EPSS

CNNVD•added 2020/12/31 12:0 a.m.•2 views

Rust Resource Management Error Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in actix-service crate before 1.0.6 for Rust, where the Cell implementation allows obtaining multiple mutable references to the same data...

5.5CVSS5.8AI score0.00054EPSS

CNNVD•added 2020/12/31 12:0 a.m.•3 views

Rust Resource Management Error Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust actix-utils crate before 2.0.0, which stems from a Cell implementation that allows obtaining multiple mutable references to the same data...

9.1CVSS5.8AI score0.00334EPSS

RustSec•added 2020/12/17 12:0 p.m.•15 views

RingBuffer can create multiple mutable references and cause data races

The RingBuffer type retrieves mutable references from the DataProvider in a non-atomic manner, potentially allowing the creation of multiple mutable references. RingBuffer also implements the Send and Sync traits for all types T. This allows undefined behavior from the aliased mutable references ...

5.9CVSS3.3AI score0.0028EPSS

OSV•added 2020/12/17 12:0 p.m.•12 views

RUSTSEC-2020-0150 RingBuffer can create multiple mutable references and cause data races

5.9CVSS5.7AI score0.0028EPSS

OSV•added 2020/12/10 12:0 p.m.•10 views

RUSTSEC-2020-0148 Multiple soundness issues in `Ptr`

Affected versions of this crate have the following issues: 1. Ptr implements Send and Sync for all types, this can lead to data races by sending non-thread safe types across threads. 2. Ptr::get violates mutable alias rules by returning multiple mutable references to the same object. 3. Ptr::writ...

5.9CVSS5.5AI score0.0028EPSS

Exploits3References3

RustSec•added 2020/12/10 12:0 p.m.•12 views

Multiple soundness issues in `Ptr`

5.9CVSS2AI score0.0028EPSS

Exploits2

OSV•added 2020/11/12 12:0 p.m.•18 views

RUSTSEC-2020-0073 Mutable reference with immutable provenance

A mutable reference to a struct was constructed by dereferencing a pointer obtained from slice::asptr. Instead, slice::asmutptr should have been called on the mutable slice argument. The former performs an implicit reborrow as an immutable shared reference which does not allow writing through the...

5.5CVSS5.3AI score0.00054EPSS

RustSec•added 2020/11/12 12:0 p.m.•35 views

Mutable reference with immutable provenance

5.5CVSS2.1AI score0.00054EPSS

RustSec•added 2020/05/27 12:0 p.m.•199 views

`LocalRequest::clone` creates multiple mutable references to the same object

The affected version of rocket contains a Clone trait implementation of LocalRequest that reuses the pointer to inner Request object. This causes data race in rare combinations of APIs if the original and the cloned objects are modified at the same time...

8.1CVSS4.1AI score0.00336EPSS

Veracode•added 2020/04/10 12:35 a.m.•23 views

Information Disclosure

openjdk is vulnerable to information disclosure. Several potential information leaks were found in various mutable static variables. These could be exploited in application scenarios that execute untrusted scripting code...

7.8CVSS2.2AI score0.00699EPSS

Exploits0References24Affected Software1

Github Security Blog•added 2020/03/24 3:7 p.m.•74 views

Malicious package may avoid detection in python auditing

Python Auditing Vulnerability Demonstrates how a malicious package can insert a load-time poison pill to avoid detection by tools like Safety. Tools that are designed to find vulnerable packages can not ever run in the same python environment that they are trying to protect. Usage Install safety,...

5CVSS1.5AI score0.00069EPSS

Exploits0References7Affected Software1

RustSec•added 2020/01/08 12:0 p.m.•20 views

bespoke Cell implementation allows obtaining several mutable references to the same data

The custom implementation of a Cell primitive in the affected versions of this crate does not keep track of mutable references to the underlying data. This allows obtaining several mutable references to the same object which may result in arbitrary memory corruption, most likely use-after-free. T...

5.5CVSS3.5AI score0.00054EPSS

OSV•added 2020/01/08 12:0 p.m.•19 views

RUSTSEC-2020-0045 bespoke Cell implementation allows obtaining several mutable references to the same data

9.1CVSS9.1AI score0.00334EPSS

OSV•added 2020/01/08 12:0 p.m.•13 views

RUSTSEC-2020-0046 bespoke Cell implementation allows obtaining several mutable references to the same data

5.5CVSS5.4AI score0.00054EPSS