
9542 matches found

EUVD
added 2026/01/31 11:38 a.m., 7 views

EUVD-2025-206594

In the Linux kernel, the following vulnerability has been resolved: rust_binder: remove spin_lock() in rust_shrink_free_page() When forward-porting Rust Binder to 6.18, I neglected to take commit fb56fdf8b9a2 "mm/list_lru: split the lock to per-cgroup scope" into account, and apparently I did not end up...

AI score 5.7 | EPSS 0.00102 | Exploits 0 | References 2
OSV
added 2026/01/31 11:38 a.m., 6 views

CVE-2025-71181 rust_binder: remove spin_lock() in rust_shrink_free_page()

In the Linux kernel, the following vulnerability has been resolved: rust_binder: remove spin_lock() in rust_shrink_free_page() When forward-porting Rust Binder to 6.18, I neglected to take commit fb56fdf8b9a2 "mm/list_lru: split the lock to per-cgroup scope" into account, and apparently I did not end up...

CVSS 5.5 | AI score 5.7 | EPSS 0.00102 | Exploits 0 | References 5
Positive Technologies
added 2026/01/31 12:00 a.m., 6 views

PT-2026-5507

In the Linux kernel, the following vulnerability has been resolved: rust_binder: remove spin_lock() in rust_shrink_free_page() When forward-porting Rust Binder to 6.18, I neglected to take commit fb56fdf8b9a2 "mm/list_lru: split the lock to per-cgroup scope" into account, and apparently I did not end...

AI score 5.7 | EPSS 0.00102 | Exploits 0 | References 3
CNNVD
added 2026/01/31 12:00 a.m., 5 views

Linux Kernel Security Vulnerabilities

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of removal of the spinlock in the rust_shrink_free_page function. This issue may lead to...

CVSS 5.5 | AI score 5.8 | EPSS 0.00102 | Exploits 0 | References 3
Tenable Nessus
added 2026/01/31 12:00 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2025-71181

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rust_binder: remove spin_lock() in rust_shrink_free_page() When forward-porting Rust Binder to 6.18,...

CVSS 5.5 | AI score 5.1 | EPSS 0.00102 | Exploits 0 | References 2
Packet Storm News
added 2026/01/30 12:00 a.m., 4 views

Rust and Go Directed Fuzzing with LibAFL-DiFuzz

In modern SSDLC, program analysis and automated testing are essential for minimizing vulnerabilities before software release, with fuzzing being a fast and widely used dynamic testing method. However, traditional coverage-guided fuzzing may be less effective in specific tasks like verifying stati...

AI score 5.5 | Exploits 0
RedhatCVE
added 2026/01/29 3:26 a.m., 11 views

CVE-2026-24850

The ML-DSA crate is a Rust implementation of the Module-Lattice-Based Digital Signature Standard ML-DSA. Starting in version 0.0.4 and prior to version 0.1.0-rc.4, the ML-DSA signature verification implementation in the RustCrypto ml-dsa crate incorrectly accepts signatures with repeated duplicat...

CVSS 5.3 | AI score 5.9 | EPSS 0.00299 | Exploits 0 | References 1
Redos
added 2026/01/29 12:00 a.m., 5 views

ROS-20260129-73-0017

Vulnerability in rust related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

CVSS 6.3 | AI score 5.9 | EPSS 0.00482 | Exploits 0
Github Security Blog
added 2026/01/28 4:44 p.m., 13 views

ML-DSA Signature Verification Accepts Signatures with Repeated Hint Indices

Affected Crate: ml-dsa Affected Versions: v0.1.0-rc.2 and commits since b01c3b7 Severity: Medium Reporter: Oren Yomtov Fireblocks Summary The ML-DSA signature verification implementation in the RustCrypto ml-dsa crate incorrectly accepts signatures with repeated duplicate hint indices. According ...

CVSS 5.3 | AI score 5.8 | EPSS 0.00299 | Exploits 0 | References 13 | Affected Software 1
vulnersOsv
added 2026/01/28 4:06 p.m., 6 views

aperture-shared (=0.1.0), assemblylift-awslambda-host (>=0.2.0 <=0.3.0) +98 more potentially affected by unknown CVE via capnp (>=0.0.1 <=0.23.2)

capnp CARGO version =0.0.1, =0.2.0, =0.3.0, =0.2.0, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.10.0, =0.0.1, =0.1.0, =0.0.1, =0.4.0, =0.5.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-5W5R-MF82-595P...

AI score 5.5 | Exploits 0
Malwarebytes
added 2026/01/28 12:57 p.m., 13 views

WhatsApp rolls out new protections against advanced exploits and spyware

WhatsApp is quietly rolling out a new safety layer for photos, videos, and documents, and it lives entirely under the hood. It won't change how you chat, but it will change what happens to the files that move through your chats—especially the kind that can hide malware. The new feature, called...

AI score 5.9 | Exploits 0
ATTACKERKB
added 2026/01/28 12:24 a.m., 4 views

CVE-2026-24850

The ML-DSA crate is a Rust implementation of the Module-Lattice-Based Digital Signature Standard ML-DSA. Starting in version 0.0.4 and prior to version 0.1.0-rc.4, the ML-DSA signature verification implementation in the RustCrypto ml-dsa crate incorrectly accepts signatures with repeated duplicat...

CVSS 5.3 | AI score 5.9 | EPSS 0.00299 | Exploits 0 | References 12 | Affected Software 1
CVE
added 2026/01/28 12:24 a.m., 19 views

CVE-2026-24850

The CVE-2026-24850 issue affects the RustCrypto ml-dsa crate. A regression in the signature verification path allowed repeated hint indices by using a non-strict monotonic check (<=) instead of a strict

CVSS 5.3 | AI score 5.9 | EPSS 0.00299 | Exploits 0 | References 11
OSV
added 2026/01/28 12:24 a.m., 7 views

CVE-2026-24850 ML-DSA Signature Verification Accepts Signatures with Repeated Hint Indices

The ML-DSA crate is a Rust implementation of the Module-Lattice-Based Digital Signature Standard ML-DSA. Starting in version 0.0.4 and prior to version 0.1.0-rc.4, the ML-DSA signature verification implementation in the RustCrypto ml-dsa crate incorrectly accepts signatures with repeated duplicat...

CVSS 5.3 | AI score 5.9 | EPSS 0.00299 | Exploits 0 | References 13
The Hacker News
added 2026/01/27 4:54 p.m., 12 views

WhatsApp Rolls Out Lockdown-Style Security Mode to Protect Targeted Users From Spyware

Meta on Tuesday announced it's adding Strict Account Settings on WhatsApp to secure certain users against advanced cyber attacks because of who they are and what they do. The feature, similar to Lockdown Mode in Apple iOS and Advanced Protection in Android, aims to protect individuals, such as...

AI score 6.2 | Exploits 0
Positive Technologies
added 2026/01/27 12:00 a.m., 11 views

PT-2026-5038

Clatter is a no_std compatible, pure Rust implementation of the Noise protocol framework with post-quantum support. Versions prior to 2.2.0 have a protocol compliance vulnerability. The library allowed post-quantum handshake patterns that violated the PSK validity rule Noise Protocol Framework...

CVSS 9.3 | AI score 5.8 | EPSS 0.00122 | Exploits 0 | References 4
UbuntuCve
added 2026/01/26 8:16 p.m., 3 views

CVE-2026-0810

A flaw was found in gix-date. The gix_date::parse::TimeBuf::as_str function can generate strings containing invalid non-UTF8 characters. This issue violates the internal safety invariants of the TimeBuf component, leading to undefined behavior when these malformed strings are subsequently processed...

CVSS 7.1 | AI score 5.8 | EPSS 0.00193 | Exploits 1 | References 3
OpenVAS
added 2026/01/26 12:00 a.m., 4 views

SUSE: Security Advisory (SUSE-SU-2026:20099-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 5.9 | Exploits 0 | References 5
CNNVD
added 2026/01/26 12:00 a.m., 13 views

GitOxide security vulnerabilities

GitOxide is a Git implementation written in Rust by Sebastian Thiel as a personal project. There is a security vulnerability in gix-date; this vulnerability stems from the as_str function potentially generating invalid non-UTF-8 strings, which may lead to unstable applications...

CVSS 7.1 | AI score 5.8 | EPSS 0.00193 | Exploits 1 | References 5
Tenable Nessus
added 2026/01/24 12:00 a.m., 5 views

SUSE SLES16 Security Update : rust1.91, rust1.92 (SUSE-SU-2026:20099-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:20099-1 advisory. Rust is shipped in 1.91.0 version. Please see https://github.com/rust-lang/rust/releases/tag/1.91.0 for changes. Rust is shipped in 1.92.0...

AI score 5.6 | Exploits 0 | References 1