3305 matches found
CVE-2024-27308
CVE-2024-27308 affects the Mio Rust library (Windows named pipes). Vulnerable are Mio versions 0.7.2 through 0.8.10; fixed in 0.8.11. The issue is that, in certain cases, tokens for named pipes can refer to deregistered pipes, which can lead to use-after-free scenarios, especially if applications...
GHSA-CGQF-3CQ5-WVCJ Apollo Router's Compressed Payloads do not respect HTTP Payload Limits
Impact: The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation. Affected versions are subject to a Denial-of-Service (DoS) type vulnerability. When receiving compressed HTTP payloads, affected versions of the Route...
Apollo Router's Compressed Payloads do not respect HTTP Payload Limits
Impact: The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation. Affected versions are subject to a Denial-of-Service (DoS) type vulnerability. When receiving compressed HTTP payloads, affected versions of the Route...
GHSA-3J27-563V-28WF *const c_void / ExternalPointer unsoundness leading to use-after-free
Summary: Use of inherently unsafe *const c_void and ExternalPointer leads to use-after-free access of the underlying structure, resulting in arbitrary code execution. Details: *const c_void and ExternalPointer (defined via external! macros) types are used to represent v8::External wrapping arbitrary void...
openSUSE: Security Advisory for rust, rust1.72 (SUSE-SU-2023:3722-1)
The remote host is missing an update for the...
Code injection
cassandra-rs is a Cassandra CQL driver for Rust. Code that attempts to use an item (e.g., a row) returned by an iterator after the iterator has advanced to the next item will be accessing freed memory and experience undefined behaviour. The problem has been fixed in version 3.0.0...
CentOS 9 : rust-1.71.1-1.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the rust-1.71.1-1.el9 build changelog. - Cargo downloads the Rust project's dependencies and compiles the project. Cargo prior to version 0.72.2, bundled with Rust prior to version 1.71.1,...
CVE-2024-27284 cassandra-rs non-idiomatic use of iterators leads to use after free
cassandra-rs is a Cassandra CQL driver for Rust. Code that attempts to use an item (e.g., a row) returned by an iterator after the iterator has advanced to the next item will be accessing freed memory and experience undefined behaviour. The problem has been fixed in version 3.0.0...
CVE-2024-27284
The CVE concerns the cassandra-rs Rust Cassandra (CQL) driver. A use-after-free exists when code uses an item from an iterator after advancing the iterator, potentially accessing freed memory. The issue is fixed in version 3.0.0; users with pre-3.0.0 versions should upgrade to 3.0.0 to mitigate. ...
OESA-2024-1201 rust security update
Rust is a systems programming language focused on three goals: safety, speed, and concurrency. It maintains these goals without having a garbage collector, making it a useful language for a number of use cases other languages are not good at: embedding in other languages, programs with specific spac...
[SECURITY] Fedora 38 Update: rust-shadow-rs-0.8.1-8.fc38
A build-time information stored in your rust project...
[SECURITY] Fedora 38 Update: rust-cargo-c-0.9.28-4.fc38
Helper program to build and install c-like libraries...
[SECURITY] Fedora 38 Update: rust-git-delta-0.16.5-9.fc38
A syntax-highlighting pager for git...
[SECURITY] Fedora 39 Update: rust-shadow-rs-0.8.1-8.fc39
A build-time information stored in your rust project...
[SECURITY] Fedora 39 Update: rust-cargo-c-0.9.28-4.fc39
Helper program to build and install c-like libraries...
[SECURITY] Fedora 39 Update: rust-git2-0.18.2-1.fc39
Bindings to libgit2 for interoperating with git repositories. This library is both threadsafe and memory safe and allows both reading and writing git repositories...
[SECURITY] Fedora 39 Update: rust-git-delta-0.16.5-9.fc39
A syntax-highlighting pager for git...
[SECURITY] Fedora 39 Update: rust-pretty-git-prompt-0.2.1-20.fc39
Your current git repository information inside a beautiful shell prompt...
[SECURITY] Fedora 39 Update: rust-git-absorb-0.6.11-3.fc39
Git commit --fixup, but automatic...