
186 matches found

Github Security Blog
added 2023/03/07 8:13 p.m. · 11 views

Maligned causes incorrect deallocation

maligned::align_first manually allocates with an alignment larger than T, and then uses Vec::from_raw_parts on that allocation to get a Vec. GlobalAlloc::dealloc requires that the layout argument must be the same layout that was used to allocate that block of memory. When deallocating, Box and Vec m...

AI score: 2.2
Exploits: 0 · References: 4 · Affected Software: 1

OSV
added 2023/03/04 12:0 p.m. · 12 views

RUSTSEC-2023-0017 `maligned::align_first` causes incorrect deallocation

maligned::align_first manually allocates with an alignment larger than T, and then uses Vec::from_raw_parts on that allocation to get a Vec. GlobalAlloc::dealloc requires that the layout argument must be the same layout that was used to allocate that block of memory. When deallocating, Box and Vec m...

AI score: 7
Exploits: 0 · References: 3

RustSec
added 2023/03/04 12:0 p.m. · 16 views

`maligned::align_first` causes incorrect deallocation

maligned::align_first manually allocates with an alignment larger than T, and then uses Vec::from_raw_parts on that allocation to get a Vec. GlobalAlloc::dealloc requires that the layout argument must be the same layout that was used to allocate that block of memory. When deallocating, Box and Vec m...

AI score: 2.2
Exploits: 0

SUSE CVE
added 2023/02/15 3:41 a.m. · 1 view

SUSE CVE-2021-31162

In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics...

CVSS: 8.1 · AI score: 7 · EPSS: 0.0078
Exploits: 1 · References: 3

Positive Technologies
added 2023/02/14 12:0 a.m. · 2 views

PT-2023-36098 · Safemem +1

Name of the Vulnerable Software and Affected Versions: safemem; affected versions not specified. Description: The safemem repository has been archived by its author, with the latest crates.io release dating back to 2019. For migration purposes, several functions can be replaced with their equivalen...

AI score: 6.9
Exploits: 0 · References: 4

RustSec
added 2023/01/24 12:0 p.m. · 24 views

buf_redux is Unmaintained

Last release was over three years ago. The maintainers have been unreachable to respond to any issues that may or may not include security issues. The repository is now archived and there is no security policy in place to contact the maintainers otherwise. The safety-undocumented unsafe in the...

AI score: 6.7
Exploits: 0

OSV
added 2023/01/20 9:54 p.m. · 27 views

GHSA-F85W-WVC7-CRWC bumpalo has use-after-free due to a lifetime error in `Vec::into_iter()`

In affected versions of this crate, the lifetime of the iterator produced by Vec::into_iter is not constrained to the lifetime of the Bump that allocated the vector's memory. Using the iterator after the Bump is dropped causes use-after-free accesses. The following example demonstrates memory...

AI score: 7.3
Exploits: 0 · References: 3

Github Security Blog
added 2023/01/20 9:54 p.m. · 29 views

bumpalo has use-after-free due to a lifetime error in `Vec::into_iter()`

In affected versions of this crate, the lifetime of the iterator produced by Vec::into_iter is not constrained to the lifetime of the Bump that allocated the vector's memory. Using the iterator after the Bump is dropped causes use-after-free accesses. The following example demonstrates memory...

AI score: 3
Exploits: 0 · References: 3 · Affected Software: 1

OSV
added 2022/09/22 5:15 p.m. · 11 views

CVE-2022-35024

OTFCC commit 617837b was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

CVSS: 6.5 · AI score: 6.8 · EPSS: 0.00254
Exploits: 1 · References: 2

NVD
added 2022/09/22 5:15 p.m. · 9 views

CVE-2022-35024

OTFCC commit 617837b was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

CVSS: 6.5 · EPSS: 0.00254
Exploits: 1 · References: 2

Prion
added 2022/09/22 5:15 p.m. · 18 views

Code injection

OTFCC commit 617837b was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

CVSS: 4.3 · AI score: 6.4 · EPSS: 0.00254
Exploits: 1 · References: 2

CVE
added 2022/09/22 4:53 p.m. · 54 views

CVE-2022-35024

CVE-2022-35024 affects OTFCC (OpenType font tooling library). A segmentation fault has been observed in commit 617837b when executing code paths involving /multiarch/memmove-vec-unaligned-erms.S. The available connected documents consistently cite a segmentation violation at that location as the ...

CVSS: 6.5 · AI score: 6.4 · EPSS: 0.00254
Exploits: 1 · References: 2 · Affected Software: 1

Debian CVE
added 2022/09/22 4:53 p.m. · 25 views

CVE-2022-35024

OTFCC commit 617837b was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

CVSS: 6.5 · AI score: 6.4 · EPSS: 0.00254
Exploits: 1

NVD
added 2022/09/21 12:15 a.m. · 8 views

CVE-2022-35086

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

CVSS: 5.5 · EPSS: 0.00077
Exploits: 1 · References: 2

UbuntuCve
added 2022/09/21 12:15 a.m. · 14 views

CVE-2022-35086

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

CVSS: 5.5 · AI score: 6.1 · EPSS: 0.00077
Exploits: 1 · References: 3

CVE
added 2022/09/20 11:56 p.m. · 45 views

CVE-2022-35086

CVE-2022-35086 affects SWFTools, with the issue traced to a segmentation violation in the SWFTools code path via /multiarch/memmove-vec-unaligned-erms.S (commit 772e55a2). The CVE metadata shows a Medium severity (CVSSv3.1 base score 5.5) and a LOCAL attack vector, requiring user interaction for ...

CVSS: 5.5 · AI score: 5.5 · EPSS: 0.00077
Exploits: 1 · References: 2 · Affected Software: 1

NVD
added 2022/08/16 9:15 p.m. · 11 views

CVE-2022-35481

OTFCC v0.10.4 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

CVSS: 6.5 · EPSS: 0.00433
Exploits: 1 · References: 1

NVD
added 2022/08/16 9:15 p.m. · 8 views

CVE-2022-35101

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memset-vec-unaligned-erms.S...

CVSS: 5.5 · EPSS: 0.00047
Exploits: 1 · References: 1

Prion
added 2022/08/16 9:15 p.m. · 13 views

Code injection

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memset-vec-unaligned-erms.S...

CVSS: 1.9 · AI score: 5.5 · EPSS: 0.00047
Exploits: 1 · References: 1

UbuntuCve
added 2022/08/16 9:15 p.m. · 29 views

CVE-2022-35481

OTFCC v0.10.4 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

CVSS: 6.5 · AI score: 6.6 · EPSS: 0.00433
Exploits: 1 · References: 2