Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-36470 | 1 Disrustor Project | 1 Disrustor | 2021-08-16 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in the disrustor crate through 2020-12-17 for Rust. RingBuffer doe not properly limit the number of mutable references. | |||||
| CVE-2020-36469 | 1 Appendix Project | 1 Appendix | 2021-08-16 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in the appendix crate through 2020-11-15 for Rust. For the generic K and V type parameters, Send and Sync are implemented unconditionally. | |||||
| CVE-2020-36468 | 1 Cgc Project | 1 Cgc | 2021-08-16 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in the cgc crate through 2020-12-10 for Rust. Ptr::write performs non-atomic write operations on an underlying pointer. | |||||
| CVE-2020-36461 | 1 Noise Search Project | 1 Noise Search | 2021-08-16 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the noise_search crate through 2020-12-10 for Rust. There are unconditional implementations of Send and Sync for MvccRwLock. | |||||
| CVE-2020-36453 | 1 Scottqueue Project | 1 Scottqueue | 2021-08-16 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the scottqueue crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for Queue<T>. | |||||
| CVE-2020-21363 | 1 Maccms | 1 Maccms | 2021-08-16 | 5.5 MEDIUM | 6.5 MEDIUM |
| An arbitrary file deletion vulnerability exists within Maccms10. | |||||
| CVE-2021-32438 | 1 Gpac | 1 Gpac | 2021-08-16 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gf_media_export_filters function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2020-21359 | 1 Maccms | 1 Maccms | 2021-08-16 | 7.5 HIGH | 9.8 CRITICAL |
| An arbitrary file upload vulnerability in the Template Upload function of Maccms10 allows attackers bypass the suffix whitelist verification to execute arbitrary code via adding a character to the end of the uploaded file's name. | |||||
| CVE-2021-32439 | 1 Gpac | 1 Gpac | 2021-08-16 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||||
| CVE-2021-32440 | 1 Gpac | 1 Gpac | 2021-08-16 | 4.3 MEDIUM | 5.5 MEDIUM |
| The Media_RewriteODFrame function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-32437 | 1 Gpac | 1 Gpac | 2021-08-16 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2020-36451 | 1 Rcu Cell Project | 1 Rcu Cell | 2021-08-16 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the rcu_cell crate through 2020-11-14 for Rust. There are unconditional implementations of Send and Sync for RcuCell<T>. | |||||
| CVE-2017-16630 | 1 Sapphireims | 1 Sapphireims | 2021-08-16 | 6.5 MEDIUM | 8.8 HIGH |
| In SapphireIMS 4097_1, a guest user can create a local administrator account on any system that has SapphireIMS installed, because of an Insecure Direct Object Reference (IDOR) in the local user creation function. | |||||
| CVE-2017-16631 | 1 Sapphireims | 1 Sapphireims | 2021-08-16 | 4.0 MEDIUM | 6.5 MEDIUM |
| In SapphireIMS 4097_1, a guest user is able to change the password of an administrative user by utilizing an Insecure Direct Object Reference (IDOR) in the "Account Password Reset" functionality. | |||||
| CVE-2017-16632 | 1 Sapphireims | 1 Sapphireims | 2021-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| In SapphireIMS 4097_1, the password in the database is stored in Base64 format. | |||||
| CVE-2021-38194 | 1 Arcworks | 1 Ark-r1cs-std | 2021-08-16 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the ark-r1cs-std crate before 0.3.1 for Rust. It does not enforce any constraints in the FieldVar::mul_by_inverse method. Thus, a prover can produce a proof that is unsound but is nonetheless verified. | |||||
| CVE-2021-38190 | 1 Dimforge | 1 Nalgebra | 2021-08-16 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the nalgebra crate before 0.27.1 for Rust. It allows out-of-bounds memory access because it does not ensure that the number of elements is equal to the product of the row count and column count. | |||||
| CVE-2021-22919 | 1 Citrix | 21 4000-wo, 4100-wo, 5000-wo and 18 more | 2021-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to the limited available disk space on the appliances being fully consumed. | |||||
| CVE-2021-38195 | 1 Parity | 1 Libsecp256k1 | 2021-08-16 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the libsecp256k1 crate before 0.5.0 for Rust. It can verify an invalid signature because it allows the R or S parameter to be larger than the curve order, aka an overflow. | |||||
| CVE-2020-36466 | 1 Cgc Project | 1 Cgc | 2021-08-16 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in the cgc crate through 2020-12-10 for Rust. Ptr implements Send and Sync for all types. | |||||