CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

OSV•added 2026/02/25 11:44 p.m.•3 views

CVE-2026-27711 NanaZip UFS Archive Parser Memory Corruption via Unvalidated Directory Record Length

NanaZip is an open source file archive. Starting in version 5.0.1252.0 and prior to versions 6.0.1638.0 and 6.5.1638.0, a memory corruption vulnerability in NanaZip’s UFS parser allows a crafted .ufs/.ufs2/.img file to trigger out-of-bounds memory access during archive open/listing. The bug is...

5.1CVSS5.7AI score0.00021EPSS

Exploits1References3

Vulnrichment•added 2026/02/25 11:44 p.m.•4 views

CVE-2026-27711 NanaZip UFS Archive Parser Memory Corruption via Unvalidated Directory Record Length

5.1CVSS5.9AI score0.00021EPSS

Exploits1References1

OSV•added 2022/05/14 12:58 a.m.•31 views

GHSA-674J-7M97-J2P9 curl FTP path confusion leads to NIL byte out of bounds write

curl can be coerced into writing a zero byte out of bounds. This bug can trigger when curl is told to work on an FTP URL, with the setting to only issue a single CWD command --ftp-method singlecwd or the libcurl alternative CURLOPTFTPFILEMETHOD. curl then URL-decodes the given path, calls strlen ...

9.8CVSS8AI score0.01298EPSS

Exploits0References21

Github Security Blog•added 2022/05/14 12:58 a.m.•38 views

curl FTP path confusion leads to NIL byte out of bounds write

9.8CVSS0.1AI score0.01298EPSS

Exploits0References21Affected Software1

Tenable Nessus•added 2018/02/12 12:0 a.m.•24 views

Debian DLA-1275-1 : uwsgi security update

It was discovered that the uwsgiexpandpath function in utils.c in Unbit uWSGI, an application container server, has a stack-based buffer overflow via a large directory length that can cause a denial of service application crash or stack corruption. For Debian 7 'Wheezy', these problems have been...

9.8CVSS8.3AI score0.00575EPSS

Exploits0References3