Lucene search
+L

720 matches found

NVD
NVD
added 2026/01/27 4:16 p.m.7 views

CVE-2026-0648

The vulnerability stems from an incorrect error-checking logic in the CreateCounter function in threadx/utility/rtoscompatibilitylayers/OSEK/txosek.c when handling the return value of osekgetcounter. Specifically, the current code checks if cntrid equals 0u to determine failure, but...

7.8CVSS0.00105EPSS
Exploits0References1
CVE
CVE
added 2026/01/27 3:40 p.m.15 views

CVE-2026-0648

CVE-2026-0648 : Red Hat and other sources describe a logic error in the CreateCounter() path for OSEK in threadx.c where osek_get_counter() return value is mishandled. The code tests for failure by comparing cntr_id to 0u, but osek_get_counter() signals failure with E_OS_SYS_STACK (12U). When the...

7.8CVSS6AI score0.00105EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/27 3:40 p.m.4 views

CVE-2026-0648

The vulnerability stems from an incorrect error-checking logic in the CreateCounter function in threadx/utility/rtoscompatibilitylayers/OSEK/txosek.c when handling the return value of osekgetcounter. Specifically, the current code checks if cntrid equals 0u to determine failure, but...

7.8CVSS6AI score0.00105EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/27 3:40 p.m.4 views

CVE-2026-0648

The vulnerability stems from an incorrect error-checking logic in the CreateCounter function in threadx/utility/rtoscompatibilitylayers/OSEK/txosek.c when handling the return value of osekgetcounter. Specifically, the current code checks if cntrid equals 0u to determine failure, but...

7.8CVSS6AI score0.00105EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/27 3:40 p.m.29 views

CVE-2026-0648

The vulnerability stems from an incorrect error-checking logic in the CreateCounter function in threadx/utility/rtoscompatibilitylayers/OSEK/txosek.c when handling the return value of osekgetcounter. Specifically, the current code checks if cntrid equals 0u to determine failure, but...

7.8CVSS0.00105EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/27 3:40 p.m.6 views

EUVD-2026-4817

The vulnerability stems from an incorrect error-checking logic in the CreateCounter function in threadx/utility/rtoscompatibilitylayers/OSEK/txosek.c when handling the return value of osekgetcounter. Specifically, the current code checks if cntrid equals 0u to determine failure, but...

7.8CVSS6AI score0.00105EPSS
Exploits0References1
OSV
OSV
added 2026/01/27 3:40 p.m.5 views

CVE-2026-0648

The vulnerability stems from an incorrect error-checking logic in the CreateCounter function in threadx/utility/rtoscompatibilitylayers/OSEK/txosek.c when handling the return value of osekgetcounter. Specifically, the current code checks if cntrid equals 0u to determine failure, but...

7.8CVSS5.9AI score0.00105EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2026/01/27 9:26 a.m.535 views

Exploit for CVE-2026-21509

🛡️ CVE-2026-21509 — Microsoft Office Zero-Day !OFFICEhttps...

9.3CVSS7.7AI score0.99945EPSS
Exploits43
Information Security Automation
Information Security Automation
added 2026/01/27 7:4 a.m.11 views

About Remote Code Execution – Microsoft Office (CVE-2026-21509) vulnerability

About Remote Code Execution - Microsoft Office CVE-2026-21509 vulnerability. The vulnerability was urgently fixed on January 26, outside the regular Microsoft Patch Tuesday. Microsoft classified it as a Security Feature Bypass, but in fact, it is more of a Remote Code Execution. The vulnerability...

7.8CVSS8.6AI score0.72152EPSS
Exploits12
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.7 views

PT-2026-4937

The vulnerability stems from an incorrect error-checking logic in the CreateCounter function in threadx/utility/rtos compatibility layers/OSEK/tx osek.c when handling the return value of osek get counter. Specifically, the current code checks if cntr id equals 0u to determine failure, but @osek g...

7.8CVSS6AI score0.00105EPSS
Exploits0References2
Information Security Automation
Information Security Automation
added 2026/01/24 9:19 p.m.14 views

January Linux Patch Wednesday

JanuaryLinux Patch Wednesday. In January, Linux vendors started fixing 918 vulnerabilities, one and a half times more than in December. Of these, 616 are in the Linux Kernel. Three show signs of exploitation in the wild: 🔻 AuthBypass - GNU Inetutils telnetd CVE-2026-24061 🔻 RCE - Safari...

9.8CVSS7.2AI score0.98871EPSS
Exploits92
VulnCheck KEV
VulnCheck KEV
added 2026/01/20 12:0 a.m.26 views

VulnCheck KEV: CVE-2025-2857

Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was...

10CVSS5.8AI score0.08404EPSS
In wildExploits6References2
Rapid7 Blog
Rapid7 Blog
added 2026/01/14 5:13 a.m.19 views

Patch Tuesday - January 2026

Microsoft is publishing 114 vulnerabilities this January 2026 Patch Tuesday. Today’s menu includes just one vulnerability marked as exploited in the wild, as well as two vulnerabilities where Microsoft is aware of public disclosure. There are no critical remote code execution or elevation of...

7.8CVSS8.7AI score0.17312EPSS
Exploits6
Talos Blog
Talos Blog
added 2026/01/13 6:29 p.m.9 views

Microsoft Patch Tuesday for January 2026 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for January 2026, which includes 112 vulnerabilities affecting a range of products, including 8 that Microsoft marked as "critical". In this month's release, Microsoft observed one of the included "important" vulnerabilities, CVE-2026-20805, as...

8.4CVSS8.3AI score0.07983EPSS
Exploits5
Malwarebytes
Malwarebytes
added 2026/01/12 1:0 p.m.9 views

Celebrating reviews and recognitions for Malwarebytes in 2025

Independent recognition matters in cybersecurity, and it matters a lot to us. It shows how security products perform when they’re tested against in-the-wild threats, using lab environments designed to reflect what people actually face in the real world. In 2025, Malwarebytes earned awards and...

6.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 12:37 p.m.7 views

CVE-2023-50428

In Bitcoin Core through 26.0 and Bitcoin Knots before 25.1.knots20231115, datacarrier size limits can be bypassed by obfuscating data as code e.g., with OPFALSE OPIF, as exploited in the wild by Inscriptions in 2022 and 2023. NOTE: although this is a vulnerability from the perspective of the...

5.3CVSS7.1AI score0.00779EPSS
Exploits0References1
OSV
OSV
added 2026/01/09 6:43 a.m.9 views

CVE-2025-70974

Fastjson before 1.2.48 mishandles autoType because, when an @type key is in a JSON document, and the value of that key is the name of a Java class, there may be calls to certain public methods of that class. Depending on the behavior of those methods, there may be JNDI injection with an...

10CVSS7AI score0.0069EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993058)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993058 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Fix wild-memory-access in registersynthevent In registersynthevent, if...

7.1CVSS6AI score0.0017EPSS
Exploits0References4
Wiz blog
Wiz blog
added 2025/12/28 9:24 a.m.14 views

MongoBleed (CVE-2025-14847) exploited in the wild: everything you need to know

Detect and mitigate CVE-2025-14847, an unauthenticated information leak vulnerability in MongoDB. Exploitation has been observed in the wild. Organizations should patch urgently...

8.7CVSS6.8AI score0.83007EPSS
Exploits39
GithubExploit
GithubExploit
added 2025/12/18 7:25 a.m.444 views

Exploit for CVE-2025-20393

CVE-2025-20393 Scanner !CVSS Scorehttps://img.shields.io/b...

10CVSS9.1AI score0.2951EPSS
Exploits2
Rows per page
Query Builder