CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2021/01/26 6:15 p.m.•20 views

CVE-2020-36208

An issue was discovered in the conquer-once crate before 0.3.2 for Rust. Thread crossing can occur for a non-Send but Sync type, leading to memory corruption...

7.8CVSS6.7AI score

OSV•added 2021/01/26 6:15 p.m.•2 views

CVE-2020-36204

An issue was discovered in the im crate through 2020-11-09 for Rust. Because TreeFocus does not have bounds on its Send trait or Sync trait, a data race can occur...

4.7CVSS5.8AI score0.00332EPSS

NVD•added 2021/01/26 6:15 p.m.•14 views

CVE-2020-36209

An issue was discovered in the late-static crate before 0.4.0 for Rust. Because Sync is implemented for LateStatic with T: Send, a data race can occur...

7CVSS6.8AI score0.00357EPSS

Prion•added 2021/01/26 6:15 p.m.•12 views

Design/Logic Flaw

An issue was discovered in the im crate through 2020-11-09 for Rust. Because TreeFocus does not have bounds on its Send trait or Sync trait, a data race can occur...

1.9CVSS4.8AI score0.00332EPSS

Prion•added 2021/01/26 6:15 p.m.•15 views

Memory corruption

An issue was discovered in the hashconsing crate before 1.1.0 for Rust. Because HConsed does not have bounds on its Send trait or Sync trait, memory corruption can occur...

5CVSS7.7AI score0.0136EPSS

Prion•added 2021/01/26 6:15 p.m.•14 views

Memory corruption

An issue was discovered in the mayqueue crate through 2020-11-10 for Rust. Because Queue does not have bounds on its Send trait or Sync trait, memory corruption can occur...

4.3CVSS5.9AI score0.01112EPSS

Prion•added 2021/01/26 6:15 p.m.•18 views

Memory corruption

An issue was discovered in the conquer-once crate before 0.3.2 for Rust. Thread crossing can occur for a non-Send but Sync type, leading to memory corruption...

4.6CVSS7.4AI score0.00426EPSS

The Hacker News•added 2021/01/26 11:0 a.m.•2 views

TikTok Bug Could Have Exposed Users' Profile Data and Phone Numbers

Cybersecurity researchers on Tuesday disclosed a now-patched security flaw in TikTok that could have potentially enabled an attacker to build a database of the app's users and their associated phone numbers for future malicious activity. Although this flaw only impacts those users who have linked...

5.8AI score

Exploits0

CNNVD•added 2021/01/26 12:0 a.m.•3 views

Rust Security Vulnerabilities

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust. The vulnerability stems from the unconditional implementation of Sync by AtomicOption , so data contention may occur...

5.9CVSS6.2AI score0.01107EPSS

Exploits1References2

CNNVD•added 2021/01/26 12:0 a.m.•4 views

Reffers Crate Security Breach

Reffers Crate through 2020-12-01 for Rust A security vulnerability exists that stems from the fact that ARefss can contain a !Send,!Sync object, resulting in data contention and memory corruption...

4.7CVSS5.8AI score0.00242EPSS

Exploits1References2

Gentoo Linux•added 2021/01/25 12:0 a.m.•106 views

glibc: Multiple vulnerabilities

Background glibc is a package that contains the GNU C library. Description Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workarou...

8.1CVSS2.8AI score0.05223EPSS

Exploits1

Cvelist•added 2021/01/22 9:6 a.m.•16 views

CVE-2020-36206

An issue was discovered in the rusb crate before 0.7.0 for Rust. Because of a lack of Send and Sync bounds, a data race and memory corruption can occur...

7AI score0.00285EPSS

Cvelist•added 2021/01/22 9:6 a.m.•13 views

CVE-2020-36207

An issue was discovered in the aovec crate through 2020-12-10 for Rust. Because Aovec does not have bounds on its Send trait or Sync trait, a data race and memory corruption can occur...

7AI score0.00285EPSS

Cvelist•added 2021/01/22 9:6 a.m.•16 views

CVE-2020-36208

An issue was discovered in the conquer-once crate before 0.3.2 for Rust. Thread crossing can occur for a non-Send but Sync type, leading to memory corruption...

7.5AI score0.00426EPSS

Cvelist•added 2021/01/22 9:4 a.m.•12 views

CVE-2020-36215

An issue was discovered in the hashconsing crate before 1.1.0 for Rust. Because HConsed does not have bounds on its Send trait or Sync trait, memory corruption can occur...

7.7AI score0.0136EPSS

Citrix•added 2021/01/22 12:0 a.m.•8 views

Issues with Workspace Environment Management (WEM) after deprecation of the legacy sync framework

Microsoft Sync Framework 2.1 reached End of Life on January 12, 2021. So, WEM has removed the legacy sync service based on that framework, and instead uses a new sync framework, Dotmim.Sync, an open-source sync framework. By default, the legacy sync service uses the port 8285, and the new sync...

7.2AI score

Exploits0

OSV•added 2021/01/21 5:15 p.m.•12 views

CVE-2020-8568

Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16 allow an attacker who can modify a SecretProviderClassPodStatus/Status resource the ability to write content to the host filesystem and sync file contents to Kubernetes Secrets. This includes paths under var/lib/kubelet/pods that...

6.5CVSS6.7AI score

Exploits0References2

OSV•added 2020/12/31 10:15 a.m.•22 views

CVE-2020-35886

An issue was discovered in the arr crate through 2020-08-25 for Rust. An attacker can smuggle non-Sync/Send types across a thread boundary to cause a data race...

4.7CVSS6.7AI score0.01515EPSS

NVD•added 2020/12/31 10:15 a.m.•9 views

CVE-2020-35886

An issue was discovered in the arr crate through 2020-08-25 for Rust. An attacker can smuggle non-Sync/Send types across a thread boundary to cause a data race...

4.7CVSS4.7AI score0.00192EPSS