187 matches found
jsonwebtoken-aws-lc (=9.3.0), jwts (>=0.5.0 <=0.5.1) +2 more potentially affected by CVE-2026-3337 via aws-lc-sys (>=0.14.1 <=0.21.0)
aws-lc-sys CARGO version =0.14.1, =0.5.0, =0.102.2, =0.20.0, =0.31.0 Source cves: CVE-2026-3337 Source advisory: OSV:GHSA-65P9-R9H6-22VJ...
Azure Linux 3.0 Security Update: kata-containers (CVE-2024-32650)
The version of kata-containers installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-32650 advisory. - Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::complete_io could fall int...
AskAI (=0.1.0), BiliupApi (>=0.1.0 <=0.1.7) +4218 more potentially affected by unknown CVE via rustls-pemfile (>=0.2.1 <=2.2.0)
rustls-pemfile CARGO version =0.2.1, =0.1.0, =0.1.0, =0.1.0, =0.7.0, =0.4.0, =0.21.0-alpha.1, =0.1.11, =0.11.0, =0.2.0, =0.5.1, =0.5.4 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0134...
rustls-pemfile is unmaintained
The rustls-pemfile crate is no longer maintained. The repository has been archived since August 2025, and users are encouraged to depend directly on the underlying PEM parsing code included in rustls-pki-types since 1.9.0. The latest version of rustls-pemfile is in fact a thin wrapper around the...
RUSTSEC-2025-0134 rustls-pemfile is unmaintained
The rustls-pemfile crate is no longer maintained. The repository has been archived since August 2025, and users are encouraged to depend directly on the underlying PEM parsing code included in rustls-pki-types since 1.9.0. The latest version of rustls-pemfile is in fact a thin wrapper around the...
curl: Double-free vulnerability in libcurl with rustls via NoServerCertVerifier condition leads to application crash
Summary: There is a double-free in libcurl with rustls. The root cause is reported and it is fixed in https://github.com/curl/curl/pull/19425, while I did not try to evaluate the actual triggering at that time. No AI was used to find the issue or generate the report. Affected version It was...
curl: Incorrect sizeof() in Rustls Backend Memory Allocation
Summary: There's a bug in lib/vtls/rustls.c where malloc uses sizeof(ciphersuites) instead of sizeof(*ciphersuites). This allocates memory based on pointer size rather than element size. Steps To Reproduce: 1. Look at lib/vtls/rustls.c line 530: const struct rustls_supported_ciphersuite ciphersuites =...
Security update for gstreamer-plugins-rs
This update for gstreamer-plugins-rs fixes the following issues: Update to version 0.12.11 (jsc#PED-13826): CVE-2024-32650: Fixed infinite loop in rustls::conn::ConnectionCommon::complete_io with proper client input (bsc#1223219). Patch Instructions: To install this SUSE update use the SUSE recommended...
SUSE-SU-2025:03629-1 Security update for gstreamer-plugins-rs
This update for gstreamer-plugins-rs fixes the following issues: Update to version 0.12.11 (jsc#PED-13826): - CVE-2024-32650: Fixed infinite loop in rustls::conn::ConnectionCommon::complete_io with proper client input (bsc#1223219)...
EUVD-2021-1514
Malware in sbrugna...
EUVD-2019-6524
Malware in sbrugna...
EUVD-2024-34179
Malicious code in bioql PyPI...
EUVD-2024-1125
Malicious code in bioql PyPI...
Rustls: rustls network-reachable panic in `acceptor::accept`
...
Linux Distros Unpatched Vulnerability : CVE-2024-11738
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message. CVE-2024-11738...
SUSE-SU-2025:02809-1 Security update for rust-keylime
This update for rust-keylime fixes the following issues: - Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection (bsc#1247193) - Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RST_STREAM frames (bsc#1210344)...
CVE-2024-58254
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-11738. Reason: This candidate is a duplicate of CVE-2024-11738. Notes: All CVE users should reference CVE-2024-11738 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
PT-2025-28032 · Rustls · Rustls
Name of the Vulnerable Software and Affected Versions: rustls versions 0.23.13 through 0.23.17 Description: The issue allows a panic via a fragmented TLS ClientHello when rustls::server::Acceptor::accept is used. Recommendations: For rustls versions 0.23.13 through 0.23.17, update to version...
CVE-2024-58254
CVE-2024-58254 is rejected/not used; reference CVE-2024-11738 instead.
CVE-2024-58254
...