25 matches found

IBM Security Bulletins
added 2026/05/18 6:37 a.m. | 13 views

Security Bulletin: Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp

Summary: Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

CVSS 2.3 | AI score 5.8 | EPSS 0.00461
Exploits: 0 | Affected Software: 1
CVE
added 2026/03/18 7:34 a.m. | 12 views

CVE-2026-22320

A stack-based buffer overflow in the CLI’s TFTP file-transfer command handling can be triggered by a low-privileged attacker with Telnet/SSH access by supplying an unexpected or oversized filename input. This memory corruption affects the internal buffer, rendering the CLI and web dashboard unava...

CVSS 6.5 | AI score 6.2 | EPSS 0.00317
Exploits: 0 | References: 1
SUSE CVE
added 2026/02/21 12:25 a.m. | 4 views

SUSE CVE-2026-21620

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

CVSS 8.1 | AI score 5.8 | EPSS 0.00461
Exploits: 0 | References: 6
Tenable Nessus
added 2026/02/21 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2026-21620

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules,...

CVSS 2.3 | AI score 5.8 | EPSS 0.00461
Exploits: 0 | References: 2
OSV
added 2026/02/20 11:15 a.m. | 4 views

DEBIAN-CVE-2026-21620

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

CVSS 2.3 | AI score 5.2 | EPSS 0.00461
Exploits: 0 | References: 1
NVD
added 2026/02/20 11:15 a.m. | 7 views

CVE-2026-21620

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

CVSS 2.3 | EPSS 0.00461
Exploits: 0 | References: 8
OSV
added 2026/02/20 11:15 a.m. | 8 views

AZL-78278 CVE-2026-21620 affecting package erlang 25.3.2.21-4

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

CVSS 2.3 | AI score 5.7 | EPSS 0.00461
Exploits: 0 | References: 1
OSV
added 2026/02/20 11:15 a.m. | 7 views

CVE-2026-21620

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

CVSS 2.3 | AI score 5.5 | EPSS 0.00461
Exploits: 0 | References: 6
OSV
added 2026/02/20 11:15 a.m. | 4 views

UBUNTU-CVE-2026-21620

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

CVSS 2.3 | AI score 5.8 | EPSS 0.00461
Exploits: 0 | References: 5
OSV
added 2026/02/20 10:57 a.m. | 4 views

EEF-CVE-2026-21620 TFTP Path Traversal

Summary: Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

CVSS 2.3 | AI score 5.8 | EPSS 0.00461
Exploits: 0 | References: 7
Debian CVE
added 2026/02/20 10:57 a.m. | 5 views

CVE-2026-21620

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

CVSS 2.3 | AI score 5.2 | EPSS 0.00461
Exploits: 0
Positive Technologies
added 2026/02/20 12:0 a.m. | 6 views

PT-2026-21008

Name of the Vulnerable Software and Affected Versions: erlang otp versions 1.0 through 6.9; erlang otp version 17.0; erlang otp versions prior to 7.0. Description: The software contains a Relative Path Traversal and Improper Isolation or Compartmentalization issue. The issue is associated with program...

CVSS 2.3 | AI score 5.2 | EPSS 0.00461
Exploits: 0 | References: 47
Prion
added 2024/02/13 9:15 a.m. | 12 views

Remote code execution

A vulnerability has been identified in SINEC NMS All versions V2.0 SP1. The affected application allows users to upload arbitrary files via TFTP. This could allow an attacker to upload malicious firmware images or other files, that could potentially lead to remote code execution...

CVSS 5.8 | AI score 8.1 | EPSS 0.00387
Exploits: 0 | References: 1
NVD
added 2023/09/20 2:15 p.m. | 17 views

CVE-2023-43202

D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function pcapdownloadhandler. This vulnerability allows attackers to execute arbitrary commands via the update.device.packet-capture.tftp-file-name parameter...

CVSS 9.8 | AI score 10 | EPSS 0.0231
Exploits: 1 | References: 1
OSV
added 2023/09/20 2:15 p.m. | 4 views

CVE-2023-43202

D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function pcapdownloadhandler. This vulnerability allows attackers to execute arbitrary commands via the update.device.packet-capture.tftp-file-name parameter...

CVSS 9.8 | AI score 6 | EPSS 0.0231
Exploits: 1 | References: 1
Prion
added 2023/09/20 2:15 p.m. | 22 views

Command injection

D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function pcapdownloadhandler. This vulnerability allows attackers to execute arbitrary commands via the update.device.packet-capture.tftp-file-name parameter...

CVSS 7.5 | AI score 9.9 | EPSS 0.0231
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2023/09/20 12:0 a.m. | 19 views

CVE-2023-43202

D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function pcapdownloadhandler. This vulnerability allows attackers to execute arbitrary commands via the update.device.packet-capture.tftp-file-name parameter...

AI score 10 | EPSS 0.0231
Exploits: 1 | References: 1
BDU FSTEC
added 2023/05/26 12:0 a.m. | 6 views

The vulnerability of the TftpSendFileThread component in the D-View 8 network device management platform allows a hacker to disclose protected information.

The vulnerability of the TftpSendFileThread component in the D-View 8 network device management platform is related to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability could allow a remote attacker to disclose the protected information...

CVSS 7.8 | AI score 7.2 | EPSS 0.8487
Exploits: 0 | References: 5 | Affected Software: 1
SUSE CVE
added 2023/02/15 4:12 a.m. | 1 views

SUSE CVE-2019-11365

An issue was discovered in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet triggering a stack-based buffer overflow due to an insecurely implemented strncpy call. The vulnerability is triggered by sending an error packet of 3 bytes or fewer. There are multiple instances of this...

CVSS 9.8 | AI score 7.7 | EPSS 0.04288
Exploits: 1 | References: 5
OSV
added 2019/04/20 1:29 p.m. | 1 views

UBUNTU-CVE-2019-11365

An issue was discovered in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet triggering a stack-based buffer overflow due to an insecurely implemented strncpy call. The vulnerability is triggered by sending an error packet of 3 bytes or fewer. There are multiple instances of this...

CVSS 9.8 | AI score 7.7 | EPSS 0.04288
Exploits: 1 | References: 6