9525 matches found
Exploit for CVE-2026-31431
cve-2026-31431 732 bytes required to execute root on all majo...
[SECURITY] Fedora 43 Update: rust-rpm-sequoia-1.10.2-1.fc43
An implementation of the RPM PGP interface using Sequoia...
[SECURITY] Fedora 44 Update: rust-rpm-sequoia-1.10.2-1.fc44
An implementation of the RPM PGP interface using Sequoia...
Fedora 44 : rust-rpm-sequoia (2026-a15009ab19)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-a15009ab19 advisory. Update to version 1.10.2. Addresses CVE-2026-2625. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note tha...
Fedora 43 : rust-rpm-sequoia (2026-a80c26d6f3)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-a80c26d6f3 advisory. Update to version 1.10.2. Addresses CVE-2026-2625. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note tha...
CVE-2026-41677
A flaw was found in rust-openssl, a library that provides OpenSSL functionalities for Rust applications. The library's password callback functions did not correctly check the size of data provided by a user's callback. This oversight could allow a specially crafted password callback to read beyon...
Fedora 44 : rust-sccache (2026-aef1b21b9c)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-aef1b21b9c advisory. Update to version 0.14.0 ---- Rebuilt with rust-tar 0.4.45 for CVE-2026-33056 Tenable has extracted the preceding description block directly from the Fedora...
CVE-2026-42427
OpenClaw before 2026.4.8 contains a remote code execution vulnerability caused by missing environment variable denylist entries for HGRCPATH, CARGOBUILDRUSTCWRAPPER, RUSTCWRAPPER, and MAKEFLAGS. Attackers can inject malicious build tool environment variables to influence host exec commands and...
An Empirical Security Evaluation of LLM-Generated Cryptographic Rust Code
Developers and organizations are using Large Language Models LLMs to generate security-critical code more frequently than ever, including cryptographic solutions for their products. This study presents an empirical evaluation of cryptographic security in 240 Rust code samples for two crypto...
Symbolic Execution Meets Multi-LLM Orchestration: Detecting Memory Vulnerabilities in Incomplete Rust CVE Snippets
This paper presents a system combining symbolic execution KLEE with a 4-agent multi-LLM architecture for detecting memory vulnerabilities in Rust unsafe code. A central challenge we address is the incomplete-code problem: CVE database entries provide only isolated code snippets that lack struct...
SNF - Shadow Network Fingerprinting Engine
SNF Shadow Network Fingerprinting Engine is a 100% offline, air-gap-native passive network intelligence engine written entirely in Rust. It was designed from the ground up for environments where outbound connectivity is not just unavailable but prohibited: classified defense networks, nuclear...
Linux Distros Unpatched Vulnerability : CVE-2026-41676
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.l...
Linux Distros Unpatched Vulnerability : CVE-2026-41681
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.39 to before 0.10.78, EVPDigestFinal always writes EVPMDCTXsizectx to the ou...
Linux Distros Unpatched Vulnerability : CVE-2026-41677
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.0 to before 0.10.78, the frompemcallback APIs did not validate the length...
Linux Distros Unpatched Vulnerability : CVE-2026-41678
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rust-openssl provides OpenSSL bindings for the Rust programming language. From to before 0.10.78, aes::unwrapkey contains an incorrect assertion: it checks that...
Linux Distros Unpatched Vulnerability : CVE-2026-41898
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.24 to before 0.10.78, the FFI trampolines behind...
Hickory DNS 安全漏洞
Hickory DNS is an open-source DNS client, server, and resolver built in Rust. Versions 0.1 to 0.25.2 of Hickory DNS contain security vulnerabilities. These vulnerabilities stem from cache data that is not directly associated with queries that trigger responses, allowing cross-region poisoning...
CVE-2026-41681
A flaw was found in rust-openssl, a library providing OpenSSL bindings for the Rust programming language. The EVPDigestFinal function, used for cryptographic hashing, can write past the end of its intended output buffer if the buffer is too small. This out-of-bounds write can corrupt the program'...
CVE-2026-41676
A flaw was found in rust-openssl, a library that provides cryptographic functionalities by binding to OpenSSL. When interacting with OpenSSL 1.1.x, the Deriver::derive function does not correctly manage buffer sizes during key derivation operations. This oversight can lead to a memory overflow,...
CVE-2026-41678
A flaw was found in rust-openssl, a library providing OpenSSL bindings for the Rust programming language. A remote attacker could exploit an incorrect assertion in the aes::unwrapkey function. This flaw causes the function to incorrectly validate buffer sizes, allowing a smaller output buffer tha...