Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-3v2x-9xcv-2v2v
  • crates.io/surrealdb
SurrealDB Affected by Confused Deputy Privilege Escalation through Future Fields and Functions (published yesterday)
  • Fix available
  • Severity - 7.5 (High)
GHSA-rjr4-v43m-pxq6
  • crates.io/triton-vm
Triton VM Soundness Vulnerability due to Improper Sampling of Randomness (published 2 days ago)
  • Fix available
  • Severity - 1.7 (Low)
RUSTSEC-2026-0004
  • crates.io/triton-vm
Triton VM Soundness Vulnerability due to Improper Sampling of Randomness (published 2 days ago)
  • Fix available
GHSA-m3c4-prhw-mrx6
  • crates.io/deno
Deno has an incomplete fix for command-injection prevention on Windows — case-insensitive extension bypass (published 16 Jan)
  • Fix available
  • Severity - 8.1 (High)
GHSA-5379-f5hf-w38v
  • crates.io/deno
Deno node:crypto doesn't finalize cipher (published 16 Jan)
  • Fix available
  • Severity - 9.2 (Critical)
GHSA-333v-68xh-8mmq
  • crates.io/rustfs
RustFS's RPC signature verification logs shared secret (published 16 Jan)
  • Fix available
  • Severity - 2.9 (Low)
GHSA-2gqc-6j2q-83qp
  • crates.io/cmov
RustCrypto Utilities cmov: `thumbv6m-none-eabi` compiler emits non-constant time assembly when using `cmovnz` (published 15 Jan)
  • Fix available
  • Severity - 8.9 (High)
RUSTSEC-2026-0003
  • crates.io/cmov
Non-constant-time code generation on ARM32 targets (published 14 Jan)
  • Fix available
  • Severity - 8.9 (High)
GHSA-hcp2-x6j4-29j7
  • crates.io/ml-dsa
RustCrypto: Signatures has timing side-channel in ML-DSA decomposition (published 13 Jan)
  • Fix available
  • Severity - 6.4 (Medium)
GHSA-j9xq-69pf-pcm8
  • crates.io/sm2
RustCrypto Has Insufficient Length Validation in decrypt() in SM2-PKE (published 13 Jan)
  • No fix available
  • Severity - 7.5 (High)
GHSA-mjjp-xjfg-97wg
  • PyPI/lief
  • crates.io/lief
LIEF is vulnerable to segmentation fault (published 10 Jan)
  • Fix available
  • Severity - 1.9 (Low)
GHSA-78p6-6878-8mj6
  • crates.io/sm2
SM2-PKE has Unchecked AffinePoint Decoding (unwrap) in decrypt() (published 09 Jan)
  • No fix available
  • Severity - 7.5 (High)
GHSA-w3g8-fp6j-wvqw
  • crates.io/sm2
SM2-PKE has 32-bit Biased Nonce Vulnerability (published 09 Jan)
  • No fix available
  • Severity - 8.7 (High)
GHSA-585q-cm62-757j
  • crates.io/mnl
mnl has segmentation fault and invalid memory read in `mnl::cb_run` (published 09 Jan)
  • No fix available
  • Severity - 2.0 (Low)
GHSA-54m3-5fxr-2f3j
  • crates.io/salvo
Salvo is vulnerable to stored XSS in the list_html function by uploading files with malicious names (published 08 Jan)
  • Fix available
  • Severity - 8.8 (High)
GHSA-rhfx-m35p-ff5j
  • crates.io/lru
`IterMut` violates Stacked Borrows by invalidating internal pointer (published 07 Jan)
  • Fix available
  • Severity - 2.7 (Low)