Export limit exceeded: 75391 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (75391 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-36444 | 1 Async-coap Project | 1 Async-coap | 2024-11-21 | 8.1 High |
| An issue was discovered in the async-coap crate through 2020-12-08 for Rust. Send and Sync are implemented for ArcGuard<RC, T> without trait bounds on RC. | ||||
| CVE-2020-36442 | 1 Beef Project | 1 Beef | 2024-11-21 | 8.1 High |
| An issue was discovered in the beef crate before 0.5.0 for Rust. beef::Cow has no Sync bound on its Send trait. | ||||
| CVE-2020-36441 | 1 Abox Project | 1 Abox | 2024-11-21 | 8.1 High |
| An issue was discovered in the abox crate before 0.4.1 for Rust. It implements Send and Sync for AtomicBox<T> with no requirement for T: Send and T: Sync. | ||||
| CVE-2020-36440 | 1 Libsbc Project | 1 Libsbc | 2024-11-21 | 8.1 High |
| An issue was discovered in the libsbc crate before 0.1.5 for Rust. For Decoder<R>, it implements Send for any R: Read. | ||||
| CVE-2020-36439 | 1 Ticketed Lock Project | 1 Ticketed Lock | 2024-11-21 | 8.1 High |
| An issue was discovered in the ticketed_lock crate before 0.3.0 for Rust. There are unconditional implementations of Send for ReadTicket<T> and WriteTicket<T>. | ||||
| CVE-2020-36438 | 1 Tiny Future Project | 1 Tiny Future | 2024-11-21 | 8.1 High |
| An issue was discovered in the tiny_future crate before 0.4.0 for Rust. Future<T> does not have bounds on its Send and Sync traits. | ||||
| CVE-2020-36437 | 1 Conqueue Project | 1 Conqueue | 2024-11-21 | 8.1 High |
| An issue was discovered in the conqueue crate before 0.4.0 for Rust. There are unconditional implementations of Send and Sync for QueueSender<T>. | ||||
| CVE-2020-36436 | 1 Unicycle Project | 1 Unicycle | 2024-11-21 | 8.1 High |
| An issue was discovered in the unicycle crate before 0.7.1 for Rust. PinSlab<T> and Unordered<T, S> do not have bounds on their Send and Sync traits. | ||||
| CVE-2020-36435 | 1 Ruspiro-singleton Project | 1 Ruspiro-singleton | 2024-11-21 | 8.1 High |
| An issue was discovered in the ruspiro-singleton crate before 0.4.1 for Rust. In Singleton, Send and Sync do not have bounds checks. | ||||
| CVE-2020-36433 | 1 Aeplay | 1 Chunky | 2024-11-21 | 7.5 High |
| An issue was discovered in the chunky crate through 2020-08-25 for Rust. The Chunk API does not honor an alignment requirement. | ||||
| CVE-2020-36430 | 2 Fedoraproject, Libass Project | 2 Fedora, Libass | 2024-11-21 | 7.8 High |
| libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decode_chars (called from decode_font and process_text) because the wrong integer data type is used for subtraction. | ||||
| CVE-2020-36428 | 1 Matio Project | 1 Matio | 2024-11-21 | 8.8 High |
| matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble (called from ReadInt32Data and Mat_VarRead4). | ||||
| CVE-2020-36426 | 2 Arm, Debian | 2 Mbed Tls, Debian Linux | 2024-11-21 | 7.5 High |
| An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte). | ||||
| CVE-2020-36423 | 2 Arm, Debian | 2 Mbed Tls, Debian Linux | 2024-11-21 | 7.5 High |
| An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attacker can recover plaintext because a certain Lucky 13 countermeasure doesn't properly consider the case of a hardware accelerator. | ||||
| CVE-2020-36420 | 1 Polipo Project | 1 Polipo | 2024-11-21 | 7.5 High |
| Polipo through 1.1.1, when NDEBUG is omitted, allows denial of service via a reachable assertion during parsing of a malformed Range header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2020-36407 | 2 Aomedia, Linux | 2 Libavif, Linux Kernel | 2024-11-21 | 8.8 High |
| libavif 0.8.0 and 0.8.1 has an out-of-bounds write in avifDecoderDataFillImageGrid. | ||||
| CVE-2020-36406 | 2 Linux, Uwebsockets Project | 2 Linux Kernel, Uwebsockets | 2024-11-21 | 8.8 High |
| uWebSockets 18.11.0 and 18.12.0 has a stack-based buffer overflow in uWS::TopicTree::trimTree (called from uWS::TopicTree::unsubscribeAll). NOTE: the vendor's position is that this is "a minor issue or not even an issue at all" because the developer of an application (that uses uWebSockets) should not be allowing the large number of triggered topics to accumulate | ||||
| CVE-2020-36405 | 2 Keystone-engine, Linux | 2 Keystone Engine, Linux Kernel | 2024-11-21 | 7.8 High |
| Keystone Engine 0.9.2 has a use-after-free in llvm_ks::X86Operand::getToken. | ||||
| CVE-2020-36404 | 2 Keystone-engine, Linux | 2 Keystone, Linux Kernel | 2024-11-21 | 7.8 High |
| Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImpl<llvm_ks::MCFixup>::~SmallVectorImpl. | ||||
| CVE-2020-36403 | 2 Htslib, Linux | 2 Htslib, Linux Kernel | 2024-11-21 | 8.8 High |
| HTSlib through 1.10.2 allows out-of-bounds write access in vcf_parse_format (called from vcf_parse and vcf_read). | ||||