CVE-2024-45338 Non-linear parsing of case-insensitive content in golang.org/x/net/html

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...

GO-2024-3333 Non-linear parsing of case-insensitive content in golang.org/x/net/html

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...

Google Go 安全漏洞

Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google USA. A security vulnerability exists in Google Go that stems from the fact that an attacker can write an input to a parsing function that will be processed non-linearly based on it...

OESA-2024-2493 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net: missing check virtio Two missing check in virtionethdrtoskb allowed syzbot to crash kernels again 1. After the skbsegment function the buffer may become...

Exploit for CVE-2024-9441

CVE-2024-9441-POC CVE-2024-9441 is a command injection vulner...

CVE-2024-52426

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Linear Oy Linear linear allows DOM-Based XSS.This issue affects Linear: from n/a through 2.7.11...

CVE-2024-52426

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Linear Oy Linear linear allows DOM-Based XSS.This issue affects Linear: from n/a through = 2.8.0...

CVE-2024-52426 WordPress Linear plugin <= 2.8.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Linear Oy Linear linear allows DOM-Based XSS.This issue affects Linear: from n/a through = 2.8.0...

CVE-2024-52426 WordPress Linear plugin <= 2.8.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Linear Oy Linear linear allows DOM-Based XSS.This issue affects Linear: from n/a through = 2.8.0...

CVE-2024-52426

CVE-2024-52426: A DOM-based XSS in the WordPress Linear plugin allows improper input neutralization during page generation. Affected: Linear plugin for WordPress, versions up to 2.7.11 (Wordfence also notes vulnerability through 2.7.12). Root cause: improper handling of user input in page generat...

WordPress plugin Linear 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

WordPress Linear plugin <= 2.8.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin Linear versions = 2.8.0...

WordPress Linear Plugin <= 2.7.12 is vulnerable to Cross Site Scripting (XSS)

Software Linear Type Plugin Vulnerable versions = 2.7.12 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52426 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID fd839443c8b8 Credits theviper17 Required privilege Contributor...

kernel: Revert "sched/fair: Make sure to try to detach at least one movable task"

In the Linux kernel, the following vulnerability has been resolved: Revert "sched/fair: Make sure to try to detach at least one movable task" This reverts commit b0defa7ae03ecf91b8bfd10ede430cff12fcbd06. b0defa7ae03ec changed the load balancing logic to ignore env.maxloop if all tasks examined to...

kernel: net: missing check virtio

In the Linux kernel, the following vulnerability has been resolved: net: missing check virtio Two missing check in virtionethdrtoskb allowed syzbot to crash kernels again 1. After the skbsegment function the buffer may become non-linear nrfrags != 0, but since the SKBTXSHAREDFRAG flag is not set...

CVE-2024-50252

CVE-2024-50252 describes a memory leak in the Linux kernel mlxsw spectrum_ipip implementation when changing the remote IPv6 address of an ip6gre net device. The root cause is that the driver failed to add the new address to its hash table and did not remove the old one, leading to leaks and a war...

SUSE CVE-2024-50112

In the Linux kernel, the following vulnerability has been resolved: x86/lam: Disable ADDRESSMASKING in most cases Linear Address Masking LAM has a weakness related to transient execution as described in the SLAM paper1. Unless Linear Address Space Separation LASS is enabled this weakness may be...

CVE-2024-50112

In the Linux kernel, the following vulnerability has been resolved: x86/lam: Disable ADDRESSMASKING in most cases Linear Address Masking LAM has a weakness related to transient execution as described in the SLAM paper1. Unless Linear Address Space Separation LASS is enabled this weakness may be...

DEBIAN-CVE-2024-50112

In the Linux kernel, the following vulnerability has been resolved: x86/lam: Disable ADDRESSMASKING in most cases Linear Address Masking LAM has a weakness related to transient execution as described in the SLAM paper1. Unless Linear Address Space Separation LASS is enabled this weakness may be...

UBUNTU-CVE-2024-50112

In the Linux kernel, the following vulnerability has been resolved: x86/lam: Disable ADDRESSMASKING in most cases Linear Address Masking LAM has a weakness related to transient execution as described in the SLAM paper1. Unless Linear Address Space Separation LASS is enabled this weakness may be...