1962 matches found
dotnet: .NET: Local file tampering via link following vulnerability
A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...
MINI-9894-4J8H-9F5H
Bulletin has no description...
BIT-PYTHON-2026-11972 tarfile opened in streaming mode mishandles EOF
When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, making archive parsing take exponentially longer...
DEBIAN-CVE-2026-13595
A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...
MINI-5GJW-2MCG-7WF9
Bulletin has no description...
MINI-CXM9-7M85-8VG3
Bulletin has no description...
DEBIAN-CVE-2026-13502
A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. This manipulation causes time-of-check time-of-use. The attack is...
DEBIAN-CVE-2026-48915
Bulletin has no description...
MINI-PF2J-RWJR-53QV
Bulletin has no description...
MINI-J7R3-CVRG-8HFJ
Bulletin has no description...
MINI-JM8R-C937-HR88
Bulletin has no description...
BELL-CVE-2026-53271
Bulletin has no description...
BELL-CVE-2026-53217
Bulletin has no description...
BELL-CVE-2026-53238
Bulletin has no description...
BELL-CVE-2026-53181
Bulletin has no description...
BELL-CVE-2026-53190
Bulletin has no description...
BELL-CVE-2026-53137
Bulletin has no description...
BELL-CVE-2026-53141
Bulletin has no description...
BELL-CVE-2026-53139
Bulletin has no description...
BELL-CVE-2026-53252
Bulletin has no description...