Lucene search
+L

38 matches found

EUVD
EUVD
added 2026/04/08 1:6 a.m.5 views

EUVD-2026-20018

Context was not properly tracked across template branches for JS template literals, leading to possibly incorrect escaping of content when branches were used. Additionally template actions within JS template literals did not properly track the brace depth, leading to incorrect escaping being...

5.9AI score0.0029EPSS
Exploits0References4
Snyk
Snyk
added 2026/04/07 10:53 p.m.7 views

Cross-site Scripting (XSS)

Overview std/html/template is a Go standard library package std/html/template Affected versions of this package are vulnerable to Cross-site Scripting XSS. Go Vulnerability Report: Context was not properly tracked across template branches for JS template literals, leading to possibly incorrect...

6.1CVSS5.5AI score0.0029EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/10/31 4:38 p.m.4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix accesses to uninit stack slots Privileged programs are supposed to be able to read uninitialized stack memory ever since 6715df8d5 but, before this patch, these accesses were permitted inconsistently. In particular,...

7.8CVSS6.8AI score0.00239EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 7:20 a.m.7 views

CVE-2024-44073

The Miniscript aka rust-miniscript library before 12.2.0 for Rust allows stack consumption because it does not properly track tree depth...

7.5CVSS6.9AI score0.00633EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2024/08/19 3:30 a.m.16 views

Miniscript allows stack consumption

The Miniscript aka rust-miniscript library for Rust allows stack consumption because it does not properly track tree depth...

7.5CVSS7.6AI score0.00633EPSS
Exploits0References11Affected Software1
Cvelist
Cvelist
added 2024/08/19 12:0 a.m.28 views

CVE-2024-44073

The Miniscript aka rust-miniscript library before 12.2.0 for Rust allows stack consumption because it does not properly track tree depth...

0.00633EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/08/18 12:0 a.m.7 views

PT-2024-30937 · Unknown · Miniscript

Name of the Vulnerable Software and Affected Versions: Miniscript library versions prior to 12.2.0 Description: The issue allows stack consumption because the Miniscript library does not properly track tree depth. Recommendations: For versions prior to 12.2.0, update to version 12.2.0 or later to...

7.5CVSS7.2AI score0.00633EPSS
Exploits0References19
RedhatCVE
RedhatCVE
added 2024/07/16 4:26 p.m.23 views

CVE-2024-40944

A vulnerability was found in the Linux kernel's x86/kexec component, where the function call to ccplatformhas could lead to a system crash when call depth tracking is active. This issue occurs because the GS segment is reset by loadsegments, setting GSBASE to 0, while call depth tracking relies o...

4.1CVSS8.2AI score0.00239EPSS
Exploits0References4
NVD
NVD
added 2024/07/12 1:15 p.m.23 views

CVE-2024-40944

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix bug with call depth tracking The call to ccplatformhas triggers a fault and system crash if call depth tracking is active because the GS segment has been reset by loadsegments and GSBASE is now 0 but call depth...

5.5CVSS0.00239EPSS
Exploits0References3
OSV
OSV
added 2024/07/12 1:15 p.m.1 views

DEBIAN-CVE-2024-40944

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix bug with call depth tracking The call to ccplatformhas triggers a fault and system crash if call depth tracking is active because the GS segment has been reset by loadsegments and GSBASE is now 0 but call depth...

5.5CVSS4.8AI score0.00239EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/07/12 1:15 p.m.30 views

CVE-2024-40944

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix bug with call depth tracking The call to ccplatformhas triggers a fault and system crash if call depth tracking is active because the GS segment has been reset by loadsegments and GSBASE is now 0 but call depth...

5.5CVSS5.7AI score0.00239EPSS
Exploits0References12
OSV
OSV
added 2024/07/12 1:15 p.m.5 views

UBUNTU-CVE-2024-40944

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix bug with call depth tracking The call to ccplatformhas triggers a fault and system crash if call depth tracking is active because the GS segment has been reset by loadsegments and GSBASE is now 0 but call depth...

5.5CVSS5.7AI score0.00239EPSS
Exploits0References13
Debian CVE
Debian CVE
added 2024/07/12 12:25 p.m.50 views

CVE-2024-40944

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix bug with call depth tracking The call to ccplatformhas triggers a fault and system crash if call depth tracking is active because the GS segment has been reset by loadsegments and GSBASE is now 0 but call depth...

5.5CVSS5.7AI score0.00239EPSS
Exploits0
OSV
OSV
added 2024/07/12 12:25 p.m.20 views

CVE-2024-40944 x86/kexec: Fix bug with call depth tracking

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix bug with call depth tracking The call to ccplatformhas triggers a fault and system crash if call depth tracking is active because the GS segment has been reset by loadsegments and GSBASE is now 0 but call depth...

5.5CVSS5.8AI score0.00239EPSS
Exploits0References6
CVE
CVE
added 2024/07/12 12:25 p.m.96 views

CVE-2024-40944

CVE-2024-40944 affects the Linux kernel (x86/kexec). The vulnerability is a bug in call depth tracking where calling cc_platform_has() may fault if depth tracking is active because GS_BASE is reset to 0 by load_segments(). The mitigation described in the documentation is to invoke cc_platform_has...

5.5CVSS6.5AI score0.00239EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/07/12 12:25 p.m.36 views

CVE-2024-40944 x86/kexec: Fix bug with call depth tracking

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix bug with call depth tracking The call to ccplatformhas triggers a fault and system crash if call depth tracking is active because the GS segment has been reset by loadsegments and GSBASE is now 0 but call depth...

0.00239EPSS
Exploits0References3
OSV
OSV
added 2024/02/22 5:15 p.m.8 views

AZL-35905 CVE-2023-52452 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix accesses to uninit stack slots Privileged programs are supposed to be able to read uninitialized stack memory ever since 6715df8d5 but, before this patch, these accesses were permitted inconsistently. In particular,...

7.8CVSS6.4AI score0.00239EPSS
Exploits0References1
OSV
OSV
added 2024/02/22 5:15 p.m.4 views

DEBIAN-CVE-2023-52452

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix accesses to uninit stack slots Privileged programs are supposed to be able to read uninitialized stack memory ever since 6715df8d5 but, before this patch, these accesses were permitted inconsistently. In particular,...

7.8CVSS5.9AI score0.00239EPSS
Exploits0References1
Rows per page
Query Builder