Path traversal

The R programming language’s default package manager CRAN is affected by a path traversal vulnerability that can lead to server compromise. This vulnerability affects packages installed via the R CMD install cli command or the install.packages function from the interpreter. Update to version 4.0....

CVE-2020-27637

The R programming language’s default package manager CRAN is affected by a path traversal vulnerability that can lead to server compromise. This vulnerability affects packages installed via the R CMD install cli command or the install.packages function from the interpreter. Update to version 4.0....

CVE-2020-27637

The R programming language’s default package manager CRAN is affected by a path traversal vulnerability that can lead to server compromise. This vulnerability affects packages installed via the R CMD install cli command or the install.packages function from the interpreter. Update to version 4.0....

PYSEC-2021-876

Versions of Apache DolphinScheduler prior to 1.3.2 allowed an ordinary user under any tenant to override another users password through the API interface...

Apache DolphinScheduler Permission License and Access Control Issues Vulnerability

Apache DolphinScheduler is a distributed DAG visualization-based workflow task scheduling system from the Apache Foundation. A security vulnerability exists in Apache DolphinScheduler prior to 1.3.2, which allows normal users to override other users' passwords via the API interface...

R Cran Path Traversal Vulnerability

R Cran is a default package manager for the R programming language from the R Foundation. CRAN has a security vulnerability that can be exploited by an attacker to crash an application...

Rust buffer overflow vulnerability (CNVD-2021-37531)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in Rust serdecbor crate versions prior to 0.10.2, which stems from the fact that the CBOR deserializer may cause stack consumption via nested semantic tags. No detailed...

Unspecified Vulnerability in Rust (CNVD-2021-39557)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust futures-intrusive crate versions prior to 0.4.0 that stems from GenericMutexGuard allowing unsynchronized types of cross-thread data contention. No details of the...

Unspecified Vulnerability in Rust (CNVD-2021-37534)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in thex crate for Rust versions 2020-12-08 and earlier, which stems from thex allowing cross-thread data contention for non-sending types. No details of the vulnerability are...

Rust Resource Management Error Vulnerability (CNVD-2021-39556)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in Rust pyo3 crate versions prior to 0.12.4, which stems from a reference counting error and post-release usage in From . No details of the vulnerability are...

Rust Competitive Conditioning Problem Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A Competition Condition Issue vulnerability exists in Rust concread crate versions prior to 0.2.6, which can be exploited by an attacker to cause data contention in ARCache by sending a type that does not...

Unspecified Vulnerability in Rust (CNVD-2021-37535)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in versions prior to Rust magnetic crate 2.0.1 that stems from MPMCConsumer and MPMCProducer allowing cross-threaded sends of non-sending types. No details of the vulnerability ar...

Rust buffer overflow vulnerability (CNVD-2021-37536)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in try-mutex crate for Rust versions prior to 0.3.0, which stems from TryMutex allowing cross-threaded sends of non-sending types. No details of the vulnerability are...

Unspecified Vulnerability in Rust (CNVD-2021-39165)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in socket2 crate for Rust prior to version 0.3.16, which stems from its incorrect expectation of the std::net::SocketAddr memory representation. No details of the vulnerability ar...

Mozilla Rust ozone crate buffer overflow vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in ozone crate in versions of Mozilla Rust prior to 2020-07-04, which stems from an out-of-bounds access that violates memory safety. No details of the vulnerability are...

Red Lion Controls Crimson 安全漏洞

Crimson is a programming software from Red Lion. Crimson suffers from a resource improperly closed or freed vulnerability. An attacker can exploit this vulnerability by sending a specially crafted message to leak arbitrary memory locations...

CVE-2020-28852

In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. x/text/language is supposed to be able to parse an HTTP Accept-Language header...

CVE-2020-35899

An issue was discovered in the actix-service crate before 1.0.6 for Rust. The Cell implementation allows obtaining more than one mutable reference to the same data...

Rust Security Vulnerabilities

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. arr crate through 2020-08-25 for Rust A security vulnerability exists that stems from uninitialized memory being deleted from the template by Array::new...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in http crate in versions of Mozilla Rust prior to 0.1.20, which stems from HeaderMap:: The Drain API can use raw pointers to corrupt sound effects. No details of the vulnerabilit...