|
198321
|
9.8 |
CRITICAL
Network
|
cbox_project
|
cbox
|
An issue was discovered in the cbox crate through 2020-03-19 for Rust. The CBox API allows dereferencing raw pointers without a requirement for unsafe code.
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-35860
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198322
|
9.1 |
CRITICAL
Network
|
lucet-runtime-internals_project
|
lucet-runtime-internals
|
An issue was discovered in the lucet-runtime-internals crate before 0.5.1 for Rust. It mishandles sigstack allocation. Guest programs may be able to obtain sensitive information, or guest programs ca…
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2020-35859
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198323
|
9.8 |
CRITICAL
Network
|
prost_project
|
prost
|
An issue was discovered in the prost crate before 0.6.1 for Rust. There is stack consumption via a crafted message, causing a denial of service (e.g., x86) or possibly remote code execution (e.g., AR…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-35858
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198324
|
7.5 |
HIGH
Network
|
trust-dns-server_project
|
trust-dns-server
|
An issue was discovered in the trust-dns-server crate before 0.18.1 for Rust. DNS MX and SRV null targets are mishandled, causing stack consumption.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-35857
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198325
|
4.7 |
MEDIUM
Local
|
concread_project
|
concread
|
An issue was discovered in the concread crate before 0.2.6 for Rust. Attackers can cause an ARCache<K,V> data race by sending types that do not implement Send/Sync.
|
CWE-362
Race Condition
|
CVE-2020-35928
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198326
|
5.5 |
MEDIUM
Local
|
thex_project
|
thex
|
An issue was discovered in the thex crate through 2020-12-08 for Rust. Thex<T> allows cross-thread data races of non-Send types.
|
NVD-CWE-noinfo
|
CVE-2020-35927
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198327
|
9.8 |
CRITICAL
Network
|
nanorand_project
|
nanorand
|
An issue was discovered in the nanorand crate before 0.5.1 for Rust. It caused any random number generator (even ChaCha) to return all zeroes because integer truncation was mishandled.
|
CWE-330
CWE-681
Use of Insufficiently Random Values
Incorrect Conversion between Numeric Types
|
CVE-2020-35926
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198328
|
5.5 |
MEDIUM
Local
|
magnetic_project
|
magnetic
|
An issue was discovered in the magnetic crate before 2.0.1 for Rust. MPMCConsumer and MPMCProducer allow cross-thread sending of a non-Send type.
|
NVD-CWE-noinfo
|
CVE-2020-35925
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198329
|
5.5 |
MEDIUM
Local
|
try-mutex_project
|
try-mutex
|
An issue was discovered in the try-mutex crate before 0.3.0 for Rust. TryMutex<T> allows cross-thread sending of a non-Send type.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-35924
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198330
|
5.5 |
MEDIUM
Local
|
ordered-float_project
|
ordered-float
|
An issue was discovered in the ordered-float crate before 1.1.1 and 2.x before 2.0.1 for Rust. A NotNan value can contain a NaN.
|
CWE-416
Use After Free
|
CVE-2020-35923
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
