CVE-2020-11592

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and get the columns of a specific table within the CIP database...

CVE-2020-36514

An issue was discovered in the accreader crate through 2020-12-27 for Rust. fillbuf may read from uninitialized memory locations...

CVE-2020-36442

An issue was discovered in the beef crate before 0.5.0 for Rust. beef::Cow has no Sync bound on its Send trait...

CVE-2020-35902

An issue was discovered in the actix-codec crate before 0.3.0-beta.1 for Rust. There is a use-after-free in Framed...

CVE-2020-35871

An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via an Auxdata API data race...

CVE-2020-35862

An issue was discovered in the bitvec crate before 0.17.4 for Rust. BitVec to BitBox conversion leads to a use-after-free or double free...

CVE-2020-25791

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with unit...

CVE-2020-25795

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, insertfrom can have a memory-safety issue upon a panic...

CVE-2020-35872

An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via the reprRust type...

CVE-2020-35890

An issue was discovered in the ordnung crate through 2020-09-03 for Rust. compact::Vec violates memory safety via out-of-bounds access for large capacity...

CVE-2020-35905

An issue was discovered in the futures-util crate before 0.3.7 for Rust. MutexGuard::map can cause a data race for certain closure situations in safe code...

CVE-2020-36469

An issue was discovered in the appendix crate through 2020-11-15 for Rust. For the generic K and V type parameters, Send and Sync are implemented unconditionally...

CVE-2020-36441

An issue was discovered in the abox crate before 0.4.1 for Rust. It implements Send and Sync for AtomicBox with no requirement for T: Send and T: Sync...

CVE-2020-36219

An issue was discovered in the atomic-option crate through 2020-10-31 for Rust. Because AtomicOption implements Sync unconditionally, a data race can occur...

CVE-2020-36214

An issue was discovered in the multiqueue2 crate before 0.1.7 for Rust. Because a non-Send type can be sent to a different thread, a data race can occur...

CVE-2020-36446

An issue was discovered in the signal-simple crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for SyncChannel...

CVE-2020-35925

An issue was discovered in the magnetic crate before 2.0.1 for Rust. MPMCConsumer and MPMCProducer allow cross-thread sending of a non-Send type...

CVE-2020-35889

An issue was discovered in the crayon crate through 2020-08-31 for Rust. A TOCTOU issue has a resultant memory safety violation via HandleLike...

CVE-2020-35867

An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via createmodule...

CVE-2020-36210

An issue was discovered in the autorand crate before 0.2.3 for Rust. Because of impl Random on arrays, uninitialized memory can be dropped when a panic occurs, leading to memory corruption...