393 matches found
EUVD-2021-1783
Malware in sbrugna...
EUVD-2022-50276
Malicious code in bioql PyPI...
EUVD-2022-38874
Malicious code in bioql PyPI...
EUVD-2022-46325
Malicious code in bioql PyPI...
RUSTSEC-2025-0052 async-std has been discontinued
The async-std has been discontinued. Alternatives: - smol...
async-std has been discontinued
The async-std has been discontinued. Alternatives: - smol...
Malicious code in @zalastax/nolb-react-std (npm)
The package @zalastax/nolb-react-std was found to contain malicious code...
MAL-2025-13779 Malicious code in @zalastax/nolb-react-std (npm)
The package @zalastax/nolb-react-std was found to contain malicious code...
CVE-2024-58263
The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations...
CVE-2024-58263
The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations...
CVE-2024-58263
The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations...
cosmwasm-std crate 输入验证错误漏洞
cosmwasm-std crate is a CosmWasm open source framework for building smart contracts in Wasm for the Cosmos SDK. An input validation error vulnerability exists in cosmwasm-std crate versions prior to 2.0.2, which stems from an integer overflow that could lead to a computation error...
CVE-2024-58263
CVE-2024-58263 concerns the cosmwasm-std crate prior to version 2.0.2 for Rust, which allows integer overflows that can lead to incorrect contract calculations. The vulnerability stems from wrapping arithmetic used in core operations, potentially causing miscalculations in smart contracts that re...
Symlink Attack
Overview std/syscall is a Go standard library package std/syscall Affected versions of this package are vulnerable to Symlink Attack. Go Vulnerability Report:os.OpenFilepath, os.OCREATE|OEXCL behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix...
CVE-2024-51756
The cap-std project is organized around the eponymous cap-std crate, and develops libraries to make it easy to write capability-based code. cap-std's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so on, however i...
CVE-2024-53432
While parsing certain malformed PLY files, PCL version 1.14.1 crashes due to an uncaught std::outofrange exception in PCLPointCloud2::at. This issue could potentially be exploited to cause a denial-of-service DoS attack when processing untrusted PLY files...
CVE-2022-36153
tifig v0.2.2 was discovered to contain a segmentation violation via std::vector ::size const at /bits/stlvector.h...
CVE-2021-38194
An issue was discovered in the ark-r1cs-std crate before 0.3.1 for Rust. It does not enforce any constraints in the FieldVar::mulbyinverse method. Thus, a prover can produce a proof that is unsound but is nonetheless verified...
RUSTSEC-2025-0036 surf is unmaintained
The developer has indicated that the crate is unmaintained. The last release is over three years old from 2021, the crate depends on the deprecated async-std crate and on a very old version of rustls for TLS support. Possible alternatives - reqwest - ureq...
PT-2025-21911 · Crates.Io · Surf
The developer has indicated that the crate is unmaintained. The last release is over three years old from 2021, the crate depends on the deprecated async-std crate and on a very old version of rustls for TLS support. Possible alternatives - reqwest - ureq...