Lucene search
K

1091 matches found

Cvelist
Cvelist
added 2026/02/25 11:39 p.m.19 views

CVE-2026-27709 NanaZip .NET Single-File Manifest Parser Vulnerable to Out-of-Bounds Read via Unchecked RelativePathLength

NanaZip is an open source file archive. Starting in version 5.0.1252.0 and prior to versions 6.0.1638.0 and 6.5.1638.0, NanaZip’s .NET Single File Application parser has an out-of-bounds read vulnerability in manifest parsing. A crafted bundle can provide a malformed RelativePathLength so the...

5.1CVSS0.00144EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/02/25 11:39 p.m.5 views

CVE-2026-27709

NanaZip is an open source file archive. Starting in version 5.0.1252.0 and prior to versions 6.0.1638.0 and 6.5.1638.0, NanaZip’s .NET Single File Application parser has an out-of-bounds read vulnerability in manifest parsing. A crafted bundle can provide a malformed RelativePathLength so the...

6.6CVSS5.5AI score0.00144EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/02/25 11:39 p.m.14 views

CVE-2026-27709

NanaZip (open source) version range prior to 6.0.1638.0 and 6.5.1638.0 is affected by an out-of-bounds read in the .NET Single File Application parser during manifest parsing. A crafted bundle can cause a malformed RelativePathLength, leading to the parser constructing a std::string from memory b...

6.6CVSS5.5AI score0.00144EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/02/25 11:39 p.m.7 views

CVE-2026-27709 NanaZip .NET Single-File Manifest Parser Vulnerable to Out-of-Bounds Read via Unchecked RelativePathLength

NanaZip is an open source file archive. Starting in version 5.0.1252.0 and prior to versions 6.0.1638.0 and 6.5.1638.0, NanaZip’s .NET Single File Application parser has an out-of-bounds read vulnerability in manifest parsing. A crafted bundle can provide a malformed RelativePathLength so the...

5.1CVSS5.6AI score0.00144EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/02/25 11:39 p.m.3 views

CVE-2026-27709 NanaZip .NET Single-File Manifest Parser Vulnerable to Out-of-Bounds Read via Unchecked RelativePathLength

NanaZip is an open source file archive. Starting in version 5.0.1252.0 and prior to versions 6.0.1638.0 and 6.5.1638.0, NanaZip’s .NET Single File Application parser has an out-of-bounds read vulnerability in manifest parsing. A crafted bundle can provide a malformed RelativePathLength so the...

5.1CVSS5.5AI score0.00144EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.6 views

PT-2026-22043

NanaZip is an open source file archive. Starting in version 5.0.1252.0 and prior to versions 6.0.1638.0 and 6.5.1638.0, NanaZip’s .NET Single File Application parser has an out-of-bounds read vulnerability in manifest parsing. A crafted bundle can provide a malformed RelativePathLength so the...

5.1CVSS5.5AI score0.00144EPSS
Exploits1References2
Snyk
Snyk
added 2026/02/20 4:3 p.m.3 views

Relative Path Traversal

Overview Affected versions of this package are vulnerable to Relative Path Traversal via the import snapshot module that lacks sanitization of zip filenames. An attacker can write arbitrary files to the filesystem by supplying crafted file paths with / separator. Note: This issue affects only...

8.2CVSS6AI score0.00272EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/20 1:24 p.m.4 views

CVE-2026-26362

Dell Unisphere for PowerMax, versions 10.2, contains a Relative Path Traversal vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized modification of critical system files...

8.1CVSS5.7AI score0.00319EPSS
Exploits0References1
OSV
OSV
added 2026/02/20 11:15 a.m.4 views

DEBIAN-CVE-2026-21620

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

2.3CVSS5.2AI score0.00461EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 11:15 a.m.7 views

CVE-2026-21620

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

2.3CVSS0.00461EPSS
Exploits0References8
OSV
OSV
added 2026/02/20 11:15 a.m.5 views

AZL-78285 CVE-2026-21620 affecting package erlang 26.2.5.15-1

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

2.3CVSS5.7AI score0.00461EPSS
Exploits0References1
OSV
OSV
added 2026/02/20 11:15 a.m.8 views

AZL-78278 CVE-2026-21620 affecting package erlang 25.3.2.21-4

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

2.3CVSS5.7AI score0.00461EPSS
Exploits0References1
OSV
OSV
added 2026/02/20 11:15 a.m.7 views

CVE-2026-21620

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

2.3CVSS5.5AI score0.00461EPSS
Exploits0References6
OSV
OSV
added 2026/02/20 11:15 a.m.4 views

UBUNTU-CVE-2026-21620

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

2.3CVSS5.8AI score0.00461EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/02/20 11:15 a.m.2 views

CVE-2026-21620

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

2.3CVSS5.9AI score0.00461EPSS
Exploits0References4
OSV
OSV
added 2026/02/20 10:57 a.m.4 views

EEF-CVE-2026-21620 TFTP Path Traversal

Summary Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

2.3CVSS5.8AI score0.00461EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/02/20 10:57 a.m.4 views

CVE-2026-21620 TFTP Path Traversal

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

2.3CVSS5.5AI score0.00461EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.6 views

PT-2026-21008

Name of the Vulnerable Software and Affected Versions erlang otp versions 1.0 through 6.9 erlang otp version 17.0 erlang otp versions prior to 7.0 Description The software contains a Relative Path Traversal and Improper Isolation or Compartmentalization issue. The issue is associated with program...

2.3CVSS5.2AI score0.00461EPSS
Exploits0References47
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.9 views

Erlang/OTP 安全漏洞

Erlang/OTP is an open-source JavaScript library for handling exceptions. This library can catch exceptions caused by the built-in APIs of node.js. Erlang/OTP has a security vulnerability, which stems from issues with relative path traversal and improper isolation in the tftpfile module. These...

2.3CVSS5.8AI score0.00461EPSS
Exploits0References6
NVD
NVD
added 2026/02/19 9:16 a.m.7 views

CVE-2026-26362

Dell Unisphere for PowerMax, versions 10.2, contains a Relative Path Traversal vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized modification of critical system files...

8.1CVSS0.00319EPSS
Exploits0References1
Rows per page
Query Builder