227 matches found
PT-2026-45548
A NULL pointer dereference in the ext4 dir en get name len function in include/ext4 dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesystem image with malformed directory entries. During directory iteration, the code may fail to validat...
Astra Linux - уязвимость в libgit2
libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to gitindexadd can cause heap corruption that could be leveraged for arbitrary code execution. There...
CVE-2026-1951
Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...
EUVD-2026-25403
Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...
CVE-2026-1951 No checking of the length of the buffer with the directory name in AS320T
Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...
CVE-2026-1951
Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...
CVE-2026-1951
Technical details for CVE-2026-1951 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-1951 No checking of the length of the buffer with the directory name in AS320T
Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...
SUSE CVE-2026-6843
A flaw was found in nano. A local user could exploit a format string vulnerability in the statusline function. By creating a directory with a name containing printf specifiers, the application attempts to display this name, leading to a segmentation fault SEGV. This results in a Denial of Service...
PT-2026-34859
CVE-2026-1951 Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability. https://t.co/KudN90cAFS...
CVE-2026-6843
A flaw was found in nano. A local user could exploit a format string vulnerability in the statusline function. By creating a directory with a name containing printf specifiers, the application attempts to display this name, leading to a segmentation fault SEGV. This results in a Denial of Service...
CVE-2026-6843 Nano: nano: format string vulnerability leads to denial of service
A flaw was found in nano. A local user could exploit a format string vulnerability in the statusline function. By creating a directory with a name containing printf specifiers, the application attempts to display this name, leading to a segmentation fault SEGV. This results in a Denial of Service...
CVE-2026-6843
CVE-2026-6843 affects the nano editor. A local user can trigger a format string vulnerability in the statusline() function by creating a directory whose name contains printf specifiers; nano attempts to display this name and may segfault, causing a Denial of Service. The vulnerability is document...
CVE-2026-6843 Nano: nano: format string vulnerability leads to denial of service
A flaw was found in nano. A local user could exploit a format string vulnerability in the statusline function. By creating a directory with a name containing printf specifiers, the application attempts to display this name, leading to a segmentation fault SEGV. This results in a Denial of Service...
CVE-2026-6843
A flaw was found in nano. A local user could exploit a format string vulnerability in the statusline function. By creating a directory with a name containing printf specifiers, the application attempts to display this name, leading to a segmentation fault SEGV. This results in a Denial of Service...
PT-2026-34312
Name of the Vulnerable Software and Affected Versions nano affected versions not specified Description A local user can cause a Denial of Service in the application by exploiting a format string flaw in the statusline function. This occurs when the application attempts to display a directory name...
CVE-2026-3178
The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'namedirectoryname' parameter in all versions up to, and including, 1.32.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2026-3178
The CVE concerns the WordPress Name Directory plugin (affected: all versions up to 1.32.1) and a Stored XSS via the name_directory_name parameter. The vulnerability stems from insufficient input sanitization and output escaping, allowing unauthenticated attackers to inject scripts into pages that...
CVE-2025-70083
An issue was discovered in OpenSatKit 2.2.1. The DirName field in the telecommand is provided by the ground segment and must be treated as untrusted input. The program copies DirName into the local buffer DirWithSep using strcpy. The size of this buffer is OSMAXPATHLEN. If the length of DirName i...
CVE-2025-66428
An issue with WordPress directory names in WebPros WordPress Toolkit before 6.9.1 allows privilege escalation...