Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
7-zip 7-zip vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-40481
7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must v...
1 Github repository
NA
CVE-2023-31102
Ppmd7.c in 7-Zip prior to 23.00 allows an integer underflow and invalid read operation via a crafted 7Z archive.
7-zip 7-zip
Netapp Oncommand Workflow Automation -
Netapp Active Iq Unified Manager -
NA
CVE-2022-47069
p7zip 16.02 exists to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCd(bool) at CPP/7zip/Archive/Zip/ZipIn.cpp.
7-zip P7zip 16.02
7.2
CVSSv2
CVE-2022-29072
7-Zip up to and including 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area. This is caused by misconfiguration of 7z.dll and a heap overflow. The command runs in a child process under the...
7-zip 7-zip
6 Github repositories
4.6
CVSSv2
CVE-2018-3920
An exploitable code execution vulnerability exists in the firmware update functionality of the Yi Home Camera 27US 1.8.7.0D. A specially crafted 7-Zip file can cause a CRC collision, resulting in a firmware update and code execution. An attacker can insert an SDcard to trigger th...
Yitechnology Yi Home Camera Firmware 1.8.7.0d
6.8
CVSSv2
CVE-2018-10115
Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote malicious users to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive.
7-zip 7-zip
1 Github repository
7.2
CVSSv2
CVE-2018-10172
7-Zip up to and including 18.01 on Windows implements the "Large memory pages" option by calling the LsaAddAccountRights function to add the SeLockMemoryPrivilege privilege to the user's account, which makes it easier for malicious users to bypass intended access r...
7-zip 7-zip
1 Github repository
6.8
CVSSv2
CVE-2018-5996
Insufficient exception handling in the method NCompress::NRar3::CDecoder::Code of 7-Zip prior to 18.00 and p7zip can lead to multiple memory corruptions within the PPMd code, allows remote malicious users to cause a denial of service (segmentation fault) or execute arbitrary code...
7-zip 7-zip
7-zip P7zip
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
6.8
CVSSv2
CVE-2017-17969
Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip prior to 18.00 and p7zip allows remote malicious users to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive.
7-zip 7-zip
7-zip P7zip
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
6.8
CVSSv2
CVE-2016-7804
Untrusted search path vulnerability in 7 Zip for Windows 16.02 and previous versions allows remote malicious users to gain privileges via a Trojan horse DLL in an unspecified directory.
7-zip 7-zip
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »