Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In 2020
CVE-2020-35926
An issue was discovered in the nanorand crate before 0.5.1 for Rust. It caused any random number generator (even ChaCha) to return all zeroes because integer truncation was mishandled.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-12-31
CVE-2020-35927
An issue was discovered in the thex crate through 2020-12-08 for Rust. Thex<T> allows cross-thread data races of non-Send types.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-12-31
CVE-2020-35928
An issue was discovered in the concread crate before 0.2.6 for Rust. Attackers can cause an ARCache<K,V> data race by sending types that do not implement Send/Sync.
CVSS Score
4.7
EPSS Score
0.0
Published
2020-12-31
CVE-2020-35903
An issue was discovered in the dync crate before 0.5.0 for Rust. VecCopy allows misaligned element access because u8 is not always the type in question.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-12-31
CVE-2020-35904
An issue was discovered in the crossbeam-channel crate before 0.4.4 for Rust. It has incorrect expectations about the relationship between the memory allocation and how many iterator elements there are.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-12-31
CVE-2020-35905
An issue was discovered in the futures-util crate before 0.3.7 for Rust. MutexGuard::map can cause a data race for certain closure situations (in safe code).
CVSS Score
4.7
EPSS Score
0.001
Published
2020-12-31
CVE-2020-35906
An issue was discovered in the futures-task crate before 0.3.6 for Rust. futures_task::waker may cause a use-after-free in a non-static type situation.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-12-31
CVE-2020-35907
An issue was discovered in the futures-task crate before 0.3.5 for Rust. futures_task::noop_waker_ref allows a NULL pointer dereference.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-12-31
CVE-2020-35908
An issue was discovered in the futures-util crate before 0.3.2 for Rust. FuturesUnordered can lead to data corruption because Sync is mishandled.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-12-31
CVE-2020-35909
An issue was discovered in the multihash crate before 0.11.3 for Rust. The from_slice parsing code can panic via unsanitized data from a network server.
CVSS Score
7.5
EPSS Score
0.006
Published
2020-12-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved