Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

128 matches found

OSV
OSVadded 2026/04/24 12:0 p.m.4 views

RUSTSEC-2026-0135 Unsound transmute while debug/display printing batch Insert statements in Diesel's SQLite backend

Diesel allows users to output the generated SQL for any query DSL construct via th diesel::debugquery function as Display and Debug output. For the particular implementation used by batch Insert statements in the SQLite backend Diesel relied on an unspecified transmute between types with a reprru...

5.9AI score
Exploits0References3
OSV
OSVadded 2026/04/14 1:3 a.m.0 views

GHSA-CQ8V-F236-94QC Rand is unsound with a custom logger using rand::rng()

It has been reported by @lopopolo that the rand library is unsound i.e. that safe code using the public API can cause Undefined Behaviour when all the following conditions are met: - The log and threadrng features are enabled - A custom logger is defined - The custom logger accesses rand::rng...

5.7AI score
Exploits0References3
Github Security Blog
Github Security Blogadded 2026/04/14 1:3 a.m.2 views

Rand is unsound with a custom logger using rand::rng()

It has been reported by @lopopolo that the rand library is unsound i.e. that safe code using the public API can cause Undefined Behaviour when all the following conditions are met: - The log and threadrng features are enabled - A custom logger is defined - The custom logger accesses rand::rng...

5.7AI score
Exploits0References3Affected Software1
OSV
OSVadded 2026/01/21 12:0 p.m.3 views

RUSTSEC-2026-0079 `DynFuture` drop can construct a dangling reference

DynFuture is unsound because its Drop implementation transmutes a trait-object reference into unrelated reference types, which constructs an invalid reference from trait object metadata. This issue was reproduced against dyn-future 3.0.4 under Miri. And the crate is unmaintained...

5.8AI score
Exploits0References3
RustSec
RustSecadded 2026/01/21 12:0 p.m.5 views

`DynFuture` drop can construct a dangling reference

DynFuture is unsound because its Drop implementation transmutes a trait-object reference into unrelated reference types, which constructs an invalid reference from trait object metadata. This issue was reproduced against dyn-future 3.0.4 under Miri. And the crate is unmaintained...

5.8AI score
Exploits0
Github Security Blog
Github Security Blogadded 2025/12/02 12:27 a.m.4 views

rtvm-interpreter lacks sufficient checks in public API

The affected function is unsound due to insufficient checks on public struct field...

6.9AI score
Exploits0References2Affected Software1
EUVD
EUVDadded 2025/11/12 9:25 p.m.2 views

EUVD-2025-131930

Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...

1.8CVSS6AI score0.00012EPSS
Exploits0References7
OSV
OSVadded 2025/11/11 12:0 p.m.2 views

RUSTSEC-2025-0118 Unsound API access to a WebAssembly shared linear memory

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-hc7m-r6v8-hg9q For more information see the GitHub-hosted security advisory...

1.8CVSS6.3AI score0.00012EPSS
Exploits0References3
RustSec
RustSecadded 2025/10/31 12:0 p.m.3 views

Lack of sufficient checks in public API

The affected function is unsound due to insufficient checks on public struct field...

6.9AI score
Exploits0Affected Software1
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2021-1846

Malware in sbrugna...

9.8CVSS9.2AI score0.00363EPSS
Exploits1References7
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2021-1761

Malware in sbrugna...

7.5CVSS7.4AI score0.00389EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-29251

Malicious code in bioql PyPI...

6.6AI score
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-34885

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.03767EPSS
Exploits0References2
OSV
OSVadded 2025/09/15 1:58 p.m.0 views

GHSA-HHW4-XG65-FP2X serde_yml crate is unsound and unmaintained

Using serdeyml::ser::Serializer.emitter can cause a segmentation fault, which is unsound. The GitHub project for serdeyml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommended alternatives -...

6.9CVSS5.9AI score
Exploits0References3
Github Security Blog
Github Security Blogadded 2025/09/15 1:58 p.m.6 views

serde_yml crate is unsound and unmaintained

Using serdeyml::ser::Serializer.emitter can cause a segmentation fault, which is unsound. The GitHub project for serdeyml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommended alternatives -...

7AI score
Exploits0References3Affected Software1
OSV
OSVadded 2025/09/15 1:57 p.m.0 views

GHSA-GFXP-F68G-8X78 LibYML: `libyml::string::yaml_string_extend` is unsound and unmaintained

In version 0.0.4, libyml::string::yamlstringextend was revised resulting in undefined behaviour, which is unsound. The GitHub project for libyml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommende...

8.7CVSS5.9AI score
Exploits0References3
Github Security Blog
Github Security Blogadded 2025/09/15 1:57 p.m.4 views

LibYML: `libyml::string::yaml_string_extend` is unsound and unmaintained

In version 0.0.4, libyml::string::yamlstringextend was revised resulting in undefined behaviour, which is unsound. The GitHub project for libyml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommende...

7.1AI score
Exploits0References3Affected Software1
OSV
OSVadded 2025/09/11 12:0 p.m.1 views

RUSTSEC-2025-0067 `libyml::string::yaml_string_extend` is unsound and unmaintained

In version 0.0.4, libyml::string::yamlstringextend was revised resulting in undefined behaviour, which is unsound. The GitHub project for libyml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommende...

7.1AI score
Exploits0References3
RustSec
RustSecadded 2025/09/11 12:0 p.m.6 views

serde_yml crate is unsound and unmaintained

Using serdeyml::ser::Serializer.emitter can cause a segmentation fault, which is unsound. The GitHub project for serdeyml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommended alternatives -...

7AI score
Exploits0
OSV
OSVadded 2025/09/11 12:0 p.m.4 views

RUSTSEC-2025-0068 serde_yml crate is unsound and unmaintained

Using serdeyml::ser::Serializer.emitter can cause a segmentation fault, which is unsound. The GitHub project for serdeyml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommended alternatives -...

7AI score
Exploits0References3
Rows per page
Query Builder