Lucene search
+L

150 matches found

CNNVD
CNNVD
added 2021/12/27 12:0 a.m.3 views

Rust 安全漏洞

Rust, a general-purpose, compiled programming language from the Mozilla Foundation, has a security vulnerability in versions prior to Rust zeroizederive crate 1.1.1, which stems from the fact that deleted memory is not set to zero. No details of the vulnerability are currently available...

9.8CVSS5.5AI score0.01191EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/12/27 12:0 a.m.5 views

Rust 缓冲区错误漏洞

Rust, a general-purpose, compiled programming language from the Mozilla Foundation, has a security vulnerability in versions prior to Rust metrics-util crate 0.7.0 that can be exploited by attackers to cause memory corruption...

8.1CVSS5.6AI score0.00741EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/12/26 10:15 p.m.2 views

CVE-2021-45714

An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. createaggregatefunction has a use-after-free...

7.5CVSS5.8AI score0.0118EPSS
Exploits1References3
OSV
OSV
added 2021/12/26 10:15 p.m.4 views

CVE-2021-45720

An issue was discovered in the lru crate before 0.7.1 for Rust. The iterators have a use-after-free, as demonstrated by an access after a pop operation...

7.5CVSS5.8AI score0.0118EPSS
Exploits1References2
OSV
OSV
added 2021/11/14 12:0 p.m.21 views

RUSTSEC-2021-0123 Converting `NSString` to a String Truncates at Null Bytes

Methods of NSString for conversion to a string may return a partial result. Since they call CStr::fromptr on a pointer to the string buffer, the string is terminated at the first null byte, which might not be the end of the string. In addition to the vulnerable functions listed for this issue, th...

7.5CVSS7.2AI score0.01314EPSS
Exploits1References3
Fedora
Fedora
added 2021/11/04 1:34 a.m.46 views

[SECURITY] Fedora 34 Update: rust-1.56.1-1.fc34

Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...

8.3CVSS8.6AI score0.12205EPSS
Exploits4
OSV
OSV
added 2021/08/25 8:48 p.m.2 views

GHSA-QRWC-JXF5-G8X6 Out of bounds read in ordnung

An issue was discovered in the ordnung crate through version 0.0.1 for Rust. compact::Vec violates memory safety via out-of-bounds access for large capacity...

7.5CVSS7.1AI score0.0139EPSS
Exploits2References4
OSV
OSV
added 2021/08/25 8:48 p.m.3 views

GHSA-WGX2-6432-J3FW Unsoundness in bigint

An issue was discovered in the bigint crate through 2020-05-07 for Rust. It allows a soundness violation...

9.8CVSS5.9AI score0.01515EPSS
Exploits0References5
OSV
OSV
added 2021/08/25 8:46 p.m.42 views

GHSA-8RC5-MR4F-M243 Use after free in rio

An issue was discovered in the rio crate through 2020-05-11 for Rust. A struct can be leaked, allowing attackers to obtain sensitive information, cause a use-after-free, or cause a data race...

9.8CVSS5.9AI score0.01541EPSS
Exploits0References5
OSV
OSV
added 2021/08/23 11:3 a.m.6 views

OESA-2021-1323 rust security update

Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. Security Fixes: library/std/src/net/parser.rs in Rust before 1.53.0 does not properly consider extraneous zero characters at the beginning of an IP address string, which in some...

9.1CVSS6.9AI score0.02623EPSS
Exploits1References2
OSV
OSV
added 2021/08/08 6:15 a.m.5 views

CVE-2020-36467

An issue was discovered in the cgc crate through 2020-12-10 for Rust. Ptr::get returns more than one mutable reference to the same object...

5.9CVSS6.2AI score0.00978EPSS
Exploits3References2
OSV
OSV
added 2021/08/08 6:15 a.m.6 views

CVE-2021-38190

An issue was discovered in the nalgebra crate before 0.27.1 for Rust. It allows out-of-bounds memory access because it does not ensure that the number of elements is equal to the product of the row count and column count...

9.8CVSS7.3AI score0.01411EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/08/08 12:0 a.m.10 views

Rust 跨站脚本漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A cross-site scripting vulnerability exists in comrak crate in versions of Mozilla Rust prior to 0.10.1, which could be exploited by an attacker to execute the script in a Web browser in the secure context of a...

6.1CVSS5.3AI score0.00741EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/08/08 12:0 a.m.6 views

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Mozilla Rust suffers from a denial-of-service vulnerability that can be exploited by attackers to cause a denial of service...

7.5CVSS5.7AI score0.01103EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/08/08 12:0 a.m.5 views

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Mozilla Rust is vulnerable to a resource management error that could be exploited by an attacker to create a use-after-release access...

7.5CVSS5.6AI score0.01233EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/08/08 12:0 a.m.7 views

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Mozilla Rust is vulnerable to a memory leak that could be exploited by attackers to read memory from an uninitialized buffer...

9.8CVSS5.5AI score0.0123EPSS
Exploits0References3
OSV
OSV
added 2021/07/07 8:15 p.m.5 views

DEBIAN-CVE-2021-32715

hyper is an HTTP library for rust. hyper's HTTP/1 server code had a flaw that incorrectly parses and accepts requests with a Content-Length header with a prefixed plus sign, when it should have been rejected as illegal. This combined with an upstream HTTP proxy that doesn't parse such...

5.3CVSS5.8AI score0.00886EPSS
Exploits1References1
CNVD
CNVD
added 2021/05/28 12:0 a.m.6 views

Rust Resource Management Error Vulnerability (CNVD-2021-38306)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in algorithmica crate for Rust version 2021-03-07 and earlier, which stems from a double free in merge sort::merge.No details of the vulnerability are available a...

7.5CVSS6.8AI score0.00961EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2021/05/03 3:47 p.m.55 views

Buer Malware Tool Rewritten in E-Z Rust Language

A variant of the Buer malware, which is being distributed in emails disguised as DHL support shipping notices, comes with a fresh code rewrite in the popular Rust language and looks like it may be in the process of prepping for rental to other cybercrooks. Join Threatpost for “Fortifying Your...

7.5AI score
Exploits0References14
The Hacker News
The Hacker News
added 2021/05/03 1:3 p.m.64 views

A Rust-based Buer Malware Variant Has Been Spotted in the Wild

Cybersecurity researchers on Monday disclosed a new malspam campaign distributing a fresh variant of a malware loader called "Buer" written in Rust, illustrating how adversaries are constantly honing their malware toolsets to evade analysis. Dubbed "RustyBuer," the malware is propagated via email...

0.5AI score
Exploits0
Rows per page
Query Builder