Search Vulnerabilities

rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1

rust-opennssl has an Out-of-bounds read in PEM password callback when returning an oversized length

rust-openssl has incorrect bounds assertion in aes key wrap

rust-openssl: rustMdCtxRef::digest_final() writes past caller buffer with no length check

rust-openssl: Unchecked callback length in PSK/cookie trampolines leaks adjacent memory to peer

RustFS: Missing admin authorization on notification target endpoints allows unauthenticated configuration of event webhooks

nimiq-blockchain: Peer-triggerable panic during history sync

nimiq-transaction: UpdateValidator transactions allows voting key change without proof-of-knowledge

nimiq-transaction: Panic via `HistoryTreeProof` length mismatch

nimiq-primitives: Node crash due to missing interlink validation in election macro block proposals

nimiq-account: Vesting insufficient funds error can panic

nimiq-block has skip block quorum bypass via out-of-range BitSet indices & u16 truncation

actix-http has HTTP/1.1 CL.TE Request Smuggling

Brillig: Heap corruption in foreign call results with nested tuple arrays

Malicious code in mysten_metrics (crates.io)

Zebra Vulnerable to Consensus Divergence in Transparent Sighash Hash-Type Handling

Zebra Vulnerable to Denial of Service via Interrupted JSON-RPC Requests from Authenticated Clients

Zebra has rk Identity Point Panic in Transaction Verification

Zebra: addr/addrv2 Deserialization Resource Exhaustion

Zebra: Cached Mempool Verification Bypasses Consensus Rules for Ahead-of-Tip Blocks