Skip to main content
CVE-2021-38197 CRITICAL POC PATCH Act Now

unarr.go in go-unarr (aka Go bindings for unarr) 0.1.1 allows Directory Traversal via ../ in a pathname within a TAR archive. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Go Unarr
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-23419 CRITICAL POC PATCH Act Now

This affects the package open-graph before 0.2.6. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Open Graph
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2021-38196 CRITICAL POC Act Now

An issue was discovered in the better-macro crate through 2021-07-22 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Better Macro
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2021-38195 CRITICAL POC PATCH Act Now

An issue was discovered in the libsecp256k1 crate before 0.5.0 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Jwt Attack Libsecp256K1
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2021-38194 CRITICAL POC PATCH Act Now

An issue was discovered in the ark-r1cs-std crate before 0.3.1 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ark R1Cs Std
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2021-38190 CRITICAL POC PATCH Act Now

An issue was discovered in the nalgebra crate before 0.27.1 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Nalgebra
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2021-38189 CRITICAL POC PATCH Act Now

An issue was discovered in the lettre crate before 0.9.6 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Lettre
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2021-38188 CRITICAL POC PATCH Act Now

An issue was discovered in the iced-x86 crate through 1.10.3 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Iced X86
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2021-38187 CRITICAL POC Act Now

An issue was discovered in the anymap crate through 0.12.1 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Anymap
NVD
CVSS 3.1
9.8
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy