1130 matches found
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free in the parsermark. An attacker can cause a segmentation fault and potentially crash the application by triggering garbage collection after assigning a custom class to arrayclass or hashclass and before parsing, leading to...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: A bug in markbufferdirty was fixed, as it sometimes generates a warning due to the forced discard of reused buffers. A syzbot stress test using a corrupted disk image revealed that markbufferdirty called from nilfsmark...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fixed a NULL pointer dereference in pnfsmarkmatchinglsegsreturn. The commit de144ff4234f fixes the issue by changing pnfsreturnlayout to call pnfsmarkmatchinglsegsreturn, with NULL passed as the argument to the...
CVE-2026-42932
Naxclow device identifiers use fixed manufacturing prefixes combined with sequential counters, producing a fully predictable and enumerable identifier space. Because the platform also exposes an endpoint that reveals the current identifier high-water mark, the active fleet can be enumerated...
CVE-2026-42932 Naxclow IoT Platform Generation of Predictable Numbers or Identifiers
Naxclow device identifiers use fixed manufacturing prefixes combined with sequential counters, producing a fully predictable and enumerable identifier space. Because the platform also exposes an endpoint that reveals the current identifier high-water mark, the active fleet can be enumerated...
EUVD-2026-36532
Naxclow device identifiers use fixed manufacturing prefixes combined with sequential counters, producing a fully predictable and enumerable identifier space. Because the platform also exposes an endpoint that reveals the current identifier high-water mark, the active fleet can be enumerated...
CVE-2026-42932 Naxclow IoT Platform Generation of Predictable Numbers or Identifiers
Naxclow device identifiers use fixed manufacturing prefixes combined with sequential counters, producing a fully predictable and enumerable identifier space. Because the platform also exposes an endpoint that reveals the current identifier high-water mark, the active fleet can be enumerated...
PT-2026-48952
Naxclow device identifiers use fixed manufacturing prefixes combined with sequential counters, producing a fully predictable and enumerable identifier space. Because the platform also exposes an endpoint that reveals the current identifier high-water mark, the active fleet can be enumerated...
CVE-2026-45595
Protection mechanism failure in Windows Mark of the Web MOTW allows an unauthorized attacker to bypass a security feature over a network...
CVE-2026-36805
Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain multiple buffer overflows in the Saveqqlist function via the qqStr and markStr parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2026-45595
Protection mechanism failure in Windows Mark of the Web MOTW allows an unauthorized attacker to bypass a security feature over a network...
CVE-2026-45595 Windows Mark of the Web Security Feature Bypass Vulnerability
...
CVE-2026-45595 Windows Mark of the Web Security Feature Bypass Vulnerability
...
EUVD-2026-35554
Protection mechanism failure in Windows Mark of the Web MOTW allows an unauthorized attacker to bypass a security feature over a network...
CVE-2026-45595
Technical details about CVE-2026-45595 are not publicly available in the provided documents. Monitor for updates about affected components, root cause, and remediation.
Windows Mark of the Web Security Feature Bypass Vulnerability
Protection mechanism failure in Windows Mark of the Web MOTW allows an unauthorized attacker to bypass a security feature over a network...
PT-2026-47984
Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A failure in the Mark of the Web MOTW protection mechanism allows an unauthorized attacker to bypass a security feature over a network, which can affect the system. Recommendations At the...
Microsoft Windows Mark of the Web (MOTW) 处理逻辑错误漏洞
Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There are security vulnerabilities in Microsoft Windows Mark of the Web MOTW. Attackers can exploit these vulnerabilities to bypass certain features. The following products and versions are...
Instagram Glitch Reportedly Exposed Contact Info of Zuckerberg and Other Users
Instagram glitch exposed Mark Zuckerberg’s email addresses and phone number, plus contact details of other top users, through a password reset flaw...
CVE-2025-15565
The Nexi XPay plugin for WordPress is vulnerable to unauthorized modification of data due to missing authorization checks on the redirect function in all versions up to, and including, 8.3.0. This makes it possible for unauthenticated attackers to mark pending WooCommerce orders as paid/completed...