720 matches found
CVE-2026-0648
The vulnerability stems from an incorrect error-checking logic in the CreateCounter function in threadx/utility/rtoscompatibilitylayers/OSEK/txosek.c when handling the return value of osekgetcounter. Specifically, the current code checks if cntrid equals 0u to determine failure, but...
CVE-2026-0648
CVE-2026-0648 : Red Hat and other sources describe a logic error in the CreateCounter() path for OSEK in threadx.c where osek_get_counter() return value is mishandled. The code tests for failure by comparing cntr_id to 0u, but osek_get_counter() signals failure with E_OS_SYS_STACK (12U). When the...
CVE-2026-0648
The vulnerability stems from an incorrect error-checking logic in the CreateCounter function in threadx/utility/rtoscompatibilitylayers/OSEK/txosek.c when handling the return value of osekgetcounter. Specifically, the current code checks if cntrid equals 0u to determine failure, but...
CVE-2026-0648
The vulnerability stems from an incorrect error-checking logic in the CreateCounter function in threadx/utility/rtoscompatibilitylayers/OSEK/txosek.c when handling the return value of osekgetcounter. Specifically, the current code checks if cntrid equals 0u to determine failure, but...
CVE-2026-0648
The vulnerability stems from an incorrect error-checking logic in the CreateCounter function in threadx/utility/rtoscompatibilitylayers/OSEK/txosek.c when handling the return value of osekgetcounter. Specifically, the current code checks if cntrid equals 0u to determine failure, but...
EUVD-2026-4817
The vulnerability stems from an incorrect error-checking logic in the CreateCounter function in threadx/utility/rtoscompatibilitylayers/OSEK/txosek.c when handling the return value of osekgetcounter. Specifically, the current code checks if cntrid equals 0u to determine failure, but...
CVE-2026-0648
The vulnerability stems from an incorrect error-checking logic in the CreateCounter function in threadx/utility/rtoscompatibilitylayers/OSEK/txosek.c when handling the return value of osekgetcounter. Specifically, the current code checks if cntrid equals 0u to determine failure, but...
Exploit for CVE-2026-21509
🛡️ CVE-2026-21509 — Microsoft Office Zero-Day !OFFICEhttps...
About Remote Code Execution – Microsoft Office (CVE-2026-21509) vulnerability
About Remote Code Execution - Microsoft Office CVE-2026-21509 vulnerability. The vulnerability was urgently fixed on January 26, outside the regular Microsoft Patch Tuesday. Microsoft classified it as a Security Feature Bypass, but in fact, it is more of a Remote Code Execution. The vulnerability...
PT-2026-4937
The vulnerability stems from an incorrect error-checking logic in the CreateCounter function in threadx/utility/rtos compatibility layers/OSEK/tx osek.c when handling the return value of osek get counter. Specifically, the current code checks if cntr id equals 0u to determine failure, but @osek g...
January Linux Patch Wednesday
JanuaryLinux Patch Wednesday. In January, Linux vendors started fixing 918 vulnerabilities, one and a half times more than in December. Of these, 616 are in the Linux Kernel. Three show signs of exploitation in the wild: 🔻 AuthBypass - GNU Inetutils telnetd CVE-2026-24061 🔻 RCE - Safari...
VulnCheck KEV: CVE-2025-2857
Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was...
Patch Tuesday - January 2026
Microsoft is publishing 114 vulnerabilities this January 2026 Patch Tuesday. Today’s menu includes just one vulnerability marked as exploited in the wild, as well as two vulnerabilities where Microsoft is aware of public disclosure. There are no critical remote code execution or elevation of...
Microsoft Patch Tuesday for January 2026 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for January 2026, which includes 112 vulnerabilities affecting a range of products, including 8 that Microsoft marked as "critical". In this month's release, Microsoft observed one of the included "important" vulnerabilities, CVE-2026-20805, as...
Celebrating reviews and recognitions for Malwarebytes in 2025
Independent recognition matters in cybersecurity, and it matters a lot to us. It shows how security products perform when they’re tested against in-the-wild threats, using lab environments designed to reflect what people actually face in the real world. In 2025, Malwarebytes earned awards and...
CVE-2023-50428
In Bitcoin Core through 26.0 and Bitcoin Knots before 25.1.knots20231115, datacarrier size limits can be bypassed by obfuscating data as code e.g., with OPFALSE OPIF, as exploited in the wild by Inscriptions in 2022 and 2023. NOTE: although this is a vulnerability from the perspective of the...
CVE-2025-70974
Fastjson before 1.2.48 mishandles autoType because, when an @type key is in a JSON document, and the value of that key is the name of a Java class, there may be calls to certain public methods of that class. Depending on the behavior of those methods, there may be JNDI injection with an...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993058)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993058 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Fix wild-memory-access in registersynthevent In registersynthevent, if...
MongoBleed (CVE-2025-14847) exploited in the wild: everything you need to know
Detect and mitigate CVE-2025-14847, an unauthenticated information leak vulnerability in MongoDB. Exploitation has been observed in the wild. Organizations should patch urgently...
Exploit for CVE-2025-20393
CVE-2025-20393 Scanner !CVSS Scorehttps://img.shields.io/b...