📄 NLTK 3.9.2 Path Traversal / File Disclosure

NLTK version 3.9.2 suffers from a path traversal vulnerability that allows for file disclosure. ================================================================================================================================== | Title : NLTK 3.9.2 Path Traversal - File Disclosure Exploit | | Auth...

Mageia: Security Advisory (MGASA-2026-0057)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2026-0057 Updated python-nltk packages fix security vulnerability

Path Traversal in nltk/nltk. CVE-2026-0847...

python311-nltk-3.9.3-1.1 on GA media (moderate)

python311-nltk-3.9.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:10304-1 Rating: moderate Cross-References: CVE-2026-0847 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

Linux Distros Unpatched Vulnerability : CVE-2026-0847

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +934 more potentially affected by CVE-2026-0847 via nltk (>=2.0.4 <=3.9.2)

nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-0847 Source advisory: OSV:GHSA-68J8-PQ59-FQGM...

CVE-2026-0847

creationtimestamp| type| source ---|---|--- 2026-03-04 19:31:49+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mgazjjfpf72c 2026-03-04 20:09:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgb3m5jbay2o 2026-03-29 15:00:08+00:00| published-proof-of-concept|...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +934 more potentially affected by CVE-2026-0847 via nltk (>=2.0.4 <=3.9.2)

nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-0847 Source advisory: OSV:PYSEC-2026-98...

CVE-2026-0847

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +932 more potentially affected by CVE-2026-0847 via nltk (>=3.0.0 <=3.9.2)

nltk PYPI version =3.0.0, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-0847 Source advisory: SNYK:PYTHON-NLTK-15460762...

Exploit for Improper Initialization in Linux Linux_Kernel

megaquagga-pentest-re...

Oracle Linux 7 : java-11-openjdk (ELSA-2026-0847)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0847 advisory. - Fixes CVE-2025-64720 CVE-2025-65018 CVE-2026-21925 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Exploit for Improper Initialization in Linux Linux_Kernel

CVE-2022-0847 A simple reproduction of CVE-2022-0847 Orig...

Advisory ROSA-SA-2025-2954

Software: kernel 4.18.0 OS: ROSA Virtualization 2.1 unaffected versions = kernel-4.18.0-553.40.1.el810 affected versions kernel-4.18.0-553.40.1.el810 CVE-ID: CVE-2022-0847 BDU-ID: 2022-01166 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the copypagetoiterpipe and pushpipe functions of the Linux...

Exploit for Improper Initialization in Linux Linux_Kernel

DISCLAIMER This code is for educational and research...

CVE-2024-0847

The 5280 Bootstrap Modal Contact Form plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation in class-sbmm-list-table.php. This makes it possible for unauthenticated attackers to bulk delete...

CVE-2023-0847

The Sub-IoT implementation of the DASH 7 Alliance protocol has a vulnerability that can lead to an out-of-bounds write prior to implementation version 0.5.0. If the protocol has been compiled using default settings, this will only grant the attacker access to allocated but unused memory. However,...

CVE-2012-0847

Heap-based buffer overflow in the avfilterfiltersamples function in libavfilter/avfilter.c in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service application crash via a crafted media file...

Alibaba Cloud Linux 3 : 0015: cloud-kernel bugfix, enhancement and (ALINUX3-SA-2022:0015)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0015 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-0847: CVE-2022-0847 kernel:...

Exploit for Improper Initialization in Linux Linux_Kernel

Information c Exploit Title: Local Privilege Escalation...