Lucene search
+L

2460 matches found

Prion
Prion
added 2020/12/31 9:15 a.m.20 views

Cross site scripting

An issue was discovered in the try-mutex crate before 0.3.0 for Rust. TryMutex allows cross-thread sending of a non-Send type...

2.1CVSS5.5AI score0.00377EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/12/31 8:16 a.m.163 views

CVE-2020-35924

CVE-2020-35924 affects the Rust crate try-mutex prior to 0.3.0. The issue arises because TryMutex allowed cross-thread sending of non-Send types due to an unconditional Sync implementation, enabling data races. The root cause is absence of a Send bound on the Sync trait implementation for TryMute...

5.5CVSS5.4AI score0.00377EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/12/31 8:16 a.m.28 views

CVE-2020-35924

An issue was discovered in the try-mutex crate before 0.3.0 for Rust. TryMutex allows cross-thread sending of a non-Send type...

5.4AI score0.00377EPSS
Exploits1References1
OSV
OSV
added 2020/12/31 1:15 a.m.10 views

CVE-2020-12658

gssproxy aka gss-proxy before 0.8.3 does not unlock condmutex before pthread exit in gpworkermain in gpworkers.c. NOTE: An upstream comment states "We are already on a shutdown path when running the code in question, so a DoS there doesn't make any sense, and there has been no additional...

9.8CVSS9.2AI score
Exploits0References4
OSV
OSV
added 2020/12/31 1:15 a.m.1 views

DEBIAN-CVE-2020-12658

gssproxy aka gss-proxy before 0.8.3 does not unlock condmutex before pthread exit in gpworkermain in gpworkers.c. NOTE: An upstream comment states "We are already on a shutdown path when running the code in question, so a DoS there doesn't make any sense, and there has been no additional...

9.8CVSS8.2AI score0.01681EPSS
Exploits0References1
CNNVD
CNNVD
added 2020/12/31 12:0 a.m.11 views

Gssapi Gssproxy Security Vulnerabilities

Gssapi Gssproxy is a C-based implementation of a GSS-API protocol-compliant proxy for the Gssapi personal developer. A security vulnerability exists in gssproxy aka gss-proxy before 0.8.3, which stems from not unlocking the cond mutex lock before the pthread in gp worker main exits...

9.8CVSS5.8AI score0.01681EPSS
Exploits0References7
CNNVD
CNNVD
added 2020/12/31 12:0 a.m.9 views

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust futures-intrusive crate versions prior to 0.4.0 that stems from GenericMutexGuard allowing unsynchronized types of cross-thread data contention. No details of the...

5.5CVSS5.8AI score0.00374EPSS
Exploits1References2
CNNVD
CNNVD
added 2020/12/31 12:0 a.m.8 views

Rust Competition Condition Problem Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust futures-util crate before 0.3.7, which stems from the fact that MutexGuard::map can lead to data contention in certain closure cases in safe code...

4.7CVSS5.8AI score0.00261EPSS
Exploits1References2
CNNVD
CNNVD
added 2020/12/31 12:0 a.m.8 views

Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in try-mutex crate for Rust versions prior to 0.3.0, which stems from TryMutex allowing cross-threaded sends of non-sending types. No details of the vulnerability are...

5.5CVSS6AI score0.00377EPSS
Exploits1References2
RustSec
RustSec
added 2020/12/22 12:0 p.m.24 views

`Demuxer` can carry non-Send types across thread boundaries

In the affected versions of this crate, Demuxer unconditionally implemented Send with no trait bounds on T. This allows sending a non-Send type T across thread boundaries, which can cause undefined behavior like unlocking a mutex from a thread that didn't lock the mutex, or memory corruption from...

5.9CVSS2.7AI score0.00801EPSS
Exploits1Affected Software1
OSV
OSV
added 2020/11/15 12:0 p.m.17 views

RUSTSEC-2020-0126 SyncChannel<T> can move 'T: !Send' to other threads

Affected versions of this crate unconditionally implement Send/Sync for SyncChannel. SyncChannel doesn't provide access to &T but merely serves as a channel that consumes and returns owned T. Users can create UB in safe Rust by sending T: !Send to other threads with SyncChannel::send/recv APIs...

8.1CVSS7.9AI score0.00766EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2020/10/31 12:0 p.m.9 views

async-mutex (>=1.0.1 <=1.4.1), blocking-permit (>=0.1.0 <=1.2.1) +18 more potentially affected by CVE-2020-35915 via futures-intrusive (>=0.2.2 <=0.3.1)

futures-intrusive CARGO version =0.2.2, =1.0.1, =0.1.0, =0.4.0, =0.4.0, =0.4.0, =0.2.0, =0.10.0, =0.3.6, =0.3.7 - raii-counter-futures =0.1.0 - stm32f1xx-futures =0.1.0 - switchyard =0.1.0 and more Source cves: CVE-2020-35915 Source advisory: OSV:RUSTSEC-2020-0072...

5.5CVSS6AI score0.00374EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2020/09/25 12:0 a.m.36 views

Ubuntu 18.04 LTS : atftpd vulnerabilities (USN-4540-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4540-1 advisory. Denis Andzakovic discovered that atftpd incorrectly handled certain malformed packets. A remote attacker could send a specially crafted packet to cause...

9.8CVSS7.5AI score0.04288EPSS
Exploits2References3
OSV
OSV
added 2020/09/24 8:40 p.m.22 views

USN-4540-1 atftp vulnerabilities

Denis Andzakovic discovered that atftpd incorrectly handled certain malformed packets. A remote attacker could send a specially crafted packet to cause atftpd to crash, resulting in a denial of service. CVE-2019-11365 Denis Andzakovic discovered that atftpd did not properly lock the thread list...

9.8CVSS5.8AI score0.04288EPSS
Exploits2References3
Veracode
Veracode
added 2020/09/24 11:5 a.m.26 views

Denial Of Service (DoS)

atftp is vulnerable to denial of service DoS. The vulnerability exists as it does not lock the threadlistmutex mutex before assigning the current thread data structure. As a result, the daemon is vulnerable to a denial of service attack due to a NULL pointer dereference. If threaddata is NULL whe...

5.9CVSS2.7AI score0.02098EPSS
Exploits1References7Affected Software2
Positive Technologies
Positive Technologies
added 2020/04/20 12:0 a.m.2 views

PT-2020-13190 · Mit +4 · Gssproxy +4

Name of the Vulnerable Software and Affected Versions: gssproxy versions prior to 0.8.3 Description: The issue is related to the gssproxy aka gss-proxy not unlocking cond mutex before pthread exit in gp worker main in gp workers.c. It is noted that the code in question is already on a shutdown...

9.8CVSS6.7AI score0.01681EPSS
Exploits0References37
CNVD
CNVD
added 2020/03/18 12:0 a.m.5 views

Meetecho Janus has an unspecified vulnerability

Meetecho Janus is a WebRTC Web Real Time Communication server from Meetecho. Meetecho Janus has a security vulnerability discovered in Janus via 0.9.1. janusaudiobridge.c has a double mutex lock unlock when listing private rooms in AudioBridge. No details of the vulnerability are provided at this...

7.5CVSS6.9AI score0.00839EPSS
Exploits0References1
NVD
NVD
added 2020/03/14 8:15 p.m.18 views

CVE-2020-10573

An issue was discovered in Janus through 0.9.1. janusaudiobridge.c has a double mutex unlock when listing private rooms in AudioBridge...

7.5CVSS7.5AI score0.00839EPSS
Exploits0References1
OSV
OSV
added 2020/03/14 8:15 p.m.16 views

CVE-2020-10573

An issue was discovered in Janus through 0.9.1. janusaudiobridge.c has a double mutex unlock when listing private rooms in AudioBridge...

7.5CVSS6.8AI score
Exploits0References1
OSV
OSV
added 2020/03/14 8:15 p.m.3 views

DEBIAN-CVE-2020-10573

An issue was discovered in Janus through 0.9.1. janusaudiobridge.c has a double mutex unlock when listing private rooms in AudioBridge...

7.5CVSS7.4AI score0.00839EPSS
Exploits0References1
Rows per page
Query Builder