Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-j8cj-hw74-64jv
  • crates.io/hivex
 Hive has Double-free and Use After Free Vulnerabilities 2 days ago
  • Fix available
RUSTSEC-2026-0027
  • crates.io/tracings
 `tracings` was removed from crates.io for malicious code 4 days ago
  • No fix available
RUSTSEC-2026-0028
  • crates.io/tracing_checks
 `tracing_checks` was removed from crates.io for transitively including malicious code 4 days ago
  • No fix available
RUSTSEC-2026-0029
  • crates.io/hivex
 Double-free and use-after-free for Hive 4 days ago
  • Fix available
GHSA-v9fg-3cr2-277j
  • crates.io/rustfs
 Rust has Critical Stored XSS in Preview Modal, leading to Administrative Account Takeover 4 days ago
  • Fix available
  • Severity - 9.0 (Critical)
GHSA-w5fh-f8xh-5x3p
  • crates.io/rustfs
 RustFS: Missing Post Policy Validation leads to Arbitrary Object Write 4 days ago
  • Fix available
  • Severity - 8.1 (High)
GHSA-x43w-ph7m-pfjx
  • crates.io/hexchat
 hexchat crate has a Use After Free vulnerability 4 days ago
  • No fix available
  • Severity - 7.2 (High)
GHSA-243v-98vx-264h
  • crates.io/wasmtime
 Wasmtime can panic when adding excessive fields to a `wasi:http/types.fields` instance 5 days ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-852m-cvvp-9p4w
  • crates.io/wasmtime
 Wasmtime WASI implementations are vulnerable to guest-controlled resource exhaustion 5 days ago
  • Fix available
  • Severity - 5.9 (Medium)
GHSA-xjhv-v822-pf94
  • crates.io/wasmtime
 Wasmtime is vulnerable to panic when dropping a `[Typed]Func::call_async` future 5 days ago
  • Fix available
  • Severity - 6.9 (Medium)
RUSTSEC-2026-0018
  • crates.io/rpc-check
 `rpc-check` was removed from crates.io for malicious code 6 days ago
  • No fix available
RUSTSEC-2026-0019
  • crates.io/tracing-check
 `tracing-check` was removed from crates.io for malicious code 6 days ago
  • No fix available
RUSTSEC-2026-0020
  • crates.io/wasmtime
 Guest-controlled resource exhaustion in WASI implementations 6 days ago
  • Fix available
  • Severity - 6.9 (Medium)
RUSTSEC-2026-0021
  • crates.io/wasmtime
 Panic adding excessive fields to a `wasi:http/types.fields` instance 6 days ago
  • Fix available
  • Severity - 6.9 (Medium)
RUSTSEC-2026-0022
  • crates.io/wasmtime
 Panic when dropping a `[Typed]Func::call_async` future 6 days ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-qhp6-635j-x7r2
  • crates.io/static-web-server
 Static Web Server affected by timing-based username enumeration in Basic Authentication due to early response on invalid usernames 20 Feb
  • Fix available
  • Severity - 5.3 (Medium)
Load more...