| Page(s) : 1 ... 727 728 729 730 731 732 733 734 735 736 [737] 738 739 740 741 742 743 744 745 746 747 ... | Result(s) : 43489 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2021-08-08 | CVE-2020-36432 | cve | An issue was discovered in the alg_ds crate through 2020-08-25 for Rust. There is a drop of uninitialized memory in Matrix::new(). |
| 9.8 | 2021-08-08 | CVE-2020-36434 | cve | An issue was discovered in the sys-info crate before 0.8.0 for Rust. sys_info::disk_info calls can trigger a double free. |
| 9.8 | 2021-08-08 | CVE-2020-36443 | cve | An issue was discovered in the libp2p-deflate crate before 0.27.1 for Rust. An uninitialized buffer is passed to AsyncRead::poll_read(), which is a user-provided trait function. |
| 9.8 | 2021-08-08 | CVE-2020-36452 | cve | An issue was discovered in the array-tools crate before 0.3.2 for Rust. FixedCapacityDequeLike::clone() has a drop of uninitialized memory. |
| 9.8 | 2021-08-08 | CVE-2021-38187 | cve | An issue was discovered in the anymap crate through 0.12.1 for Rust. It violates soundness via conversion of a *u8 to a *u64. |
| 9.8 | 2021-08-08 | CVE-2021-38188 | cve | An issue was discovered in the iced-x86 crate through 1.10.3 for Rust. In Decoder::new(), slice.get_unchecked(slice.length()) is used unsafely. |
| 9.8 | 2021-08-08 | CVE-2021-38189 | cve | An issue was discovered in the lettre crate before 0.9.6 for Rust. In an e-mail message body, an attacker can place a . character after two sequences and then inject arbitrary ... |
| 9.8 | 2021-08-08 | CVE-2021-38190 | cve | An issue was discovered in the nalgebra crate before 0.27.1 for Rust. It allows out-of-bounds memory access because it does not ensure that the number of elements is equal to th... |
| 9.8 | 2021-08-08 | CVE-2021-38194 | cve | An issue was discovered in the ark-r1cs-std crate before 0.3.1 for Rust. It does not enforce any constraints in the FieldVar::mul_by_inverse method. Thus, a prover can produce a... |
| 9.8 | 2021-08-08 | CVE-2021-38195 | cve | An issue was discovered in the libsecp256k1 crate before 0.5.0 for Rust. It can verify an invalid signature because it allows the R or S parameter to be larger than the curve or... |
| 9.8 | 2021-08-08 | CVE-2021-38196 | cve | An issue was discovered in the better-macro crate through 2021-07-22 for Rust. It intentionally demonstrates that remote attackers can execute arbitrary code via proc-macros, an... |
| 9.8 | 2021-08-08 | CVE-2021-23419 | cve | This affects the package open-graph before 0.2.6. The function parse could be tricked into adding or modifying properties of Object.prototype using a __proto__ or constructor pa... |
| 9.8 | 2021-08-08 | CVE-2021-38197 | cve | unarr.go in go-unarr (aka Go bindings for unarr) 0.1.1 allows Directory Traversal via ../ in a pathname within a TAR archive. |
| 9.8 | 2021-08-07 | CVE-2021-38167 | cve | Roxy-WI through 5.2.2.0 allows SQL Injection via check_login. An unauthenticated attacker can extract a valid uuid to bypass authentication. |
| 9.1 | 2021-08-07 | CVE-2021-29922 | cve | library/std/src/net/parser.rs in Rust before 1.53.0 does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) al... |
| 9.8 | 2021-08-07 | CVE-2021-38173 | cve | Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys. |
| 9.8 | 2021-08-07 | CVE-2021-38148 | cve | Obsidian before 0.12.12 does not require user confirmation for non-http/https URLs. |
| 9.8 | 2021-08-07 | CVE-2021-38159 | cve | In certain Progress MOVEit Transfer versions before 2021.0.4 (aka 13.0.4), SQL injection in the MOVEit Transfer web application could allow an unauthenticated remote attacker to... |
| 9.1 | 2021-08-06 | CVE-2021-37549 | cve | In JetBrains YouTrack before 2021.1.11111, sandboxing in workflows was insufficient. |
| 9.8 | 2021-08-06 | CVE-2021-36707 | cve | In ProLink PRC2402M V1.0.18 and older, the set_ledonoff function in the adm.cgi binary, accessible with a page parameter value of ledonoff contains a trivial command injection w... |
| Page(s) : 1 ... 727 728 729 730 731 732 733 734 735 736 [737] 738 739 740 741 742 743 744 745 746 747 ... | Result(s) : 43489 |
