CLSA-2026-1777389760 vim: Fix of 9 CVEs

CVE-2021-3903: do not set VALIDBOTLINE in wvalid when the screen is not valid, preventing invalid memory access while scrolling. - CVE-2021-4069: copy the current line before regexec in exopen so the match is not using freed memory when searching for a mark flushes it. - CVE-2022-0351: limit...

CVE-2026-0847

A flaw was found in NLTK Natural Language Toolkit. This vulnerability allows a remote attacker to read arbitrary files on the server due to improper sanitization of file paths in several CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. By...

DEBIAN-CVE-2026-0847

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

CVE-2026-0847

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

UBUNTU-CVE-2026-0847

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

CVE-2026-0847

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

CVE-2026-0847

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

CVE-2026-0847

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

CVE-2026-0847 Path Traversal in nltk/nltk

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

PT-2026-23033

Name of the Vulnerable Software and Affected Versions NLTK versions up to and including 3.9.2 Description A flaw exists in NLTK that permits arbitrary file reading through path traversal in several CorpusReader classes, such as WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReade...

pybbs 代码注入漏洞

pybbs is a community platform for Java development by iuiu individual developers. A code injection vulnerability exists in pybbs 6.0.0 and earlier versions, which stems from improper handling of the parameter word in the file /admin/sensitiveword/list, which could lead to a cross-site scripting...

PT-2025-31920 · Unknown · Atjiu Pybbs

Name of the Vulnerable Software and Affected Versions: atjiu pybbs versions prior to 6.0.1 Description: A problematic issue exists in atjiu pybbs. The manipulation of the word argument in the /admin/sensitive word/list file leads to cross site scripting. The attack can be initiated remotely. The...

SUSE CVE-2010-3453

The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service...

WordListGen - Super Simple Python Word List Generator For Fuzzing And Brute Forcing In Python

Super Simple Python Word List Generator for Password Cracking Hashcat! I know what your are thinking. Why create another word list generator? Well, I needed something very simple I could modify on the fly to get the exact character generators for the task at hand. This script is fully functional ...

Token-Reverser - Word List Generator To Crack Security Tokens

Word list generator to crack security tokens. Example use case 1. You are testing reset password function 2. Reset password token was sent to your email box e.g. 582431d4c7b57cb4a3570041ffeb7e10 3. You suppose, it is a md5 hash of the data you provided during registration process 4. You remember...

Lama - Tool To Obtain A Custom Password Dictionary To A Particular Target

Lama, the application that does not mince words. Description Lama is a GNU Linux tool to generate a word list. The goal is to obtain a custom password dictionary to a particular target, whether physical or moral. It is therefore important that words in this list correspond to the target. Keep in...

Solaris 10 (sparc) : 151723-01

GNOME 2.6.0: word-list-compress Patch. Date this patch was last updated by Sun : Feb/11/16 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Solaris 10 (x86) : 151724-01

GNOME 2.6.0x86: word-list-compress Patch. Date this patch was last updated by Sun : Feb/11/16 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Insecure Random Password Generation

Moodle is vulnerable to insecure random password generation. The word list used by the application for temporary password generation is not big enough, allowing a malicious user to gain access through a brute-force attack...

Word Splash Pro <= 9.5 - Buffer Overflow

No description provided by source. Exploit Title: Word Splash Pro = 9.5 Buffer Overflow -EggHunter- Software Link: http://www.chronasoft.com/software/wordsplashpro Version: = 9.5 Tested on: Win XP SP3 French Date: 20/12/2010 Author: h1ch4m Email: [email protected] Home: Net-Effects.blogspot.com Gree...