Vulmon
libzip libzip vulnerabilities and exploits
7.5
CVSSv2
CVE-2017-12858
Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows malicious users to have unspecified impact via unknown vectors.
Libzip Libzip 1.2.0
7.5
CVSSv2
CVE-2019-17582
A use-after-free in the _zip_dirent_read function of zip_dirent.c in libzip 1.2.0 allows malicious users to have an unspecified impact by attempting to unzip a malformed ZIP archive. NOTE: the discoverer states "This use-after-free is triggered prior to the double free repor...
Libzip Libzip 1.2.0
4.3
CVSSv2
CVE-2017-14107
The _zip_read_eocd64 function in zip_open.c in libzip prior to 1.3.0 mishandles EOCD records, which allows remote malicious users to cause a denial of service (memory allocation failure in _zip_cdir_grow in zip_dirent.c) via a crafted ZIP archive.
Libzip Libzip
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2012-1163
Integer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote malicious users to execute arbitrary code via the size and offset values for the central directory in a zip archive, which triggers "improper restrictions of operations within the bound...
Nih Libzip 0.10
7.5
CVSSv2
CVE-2012-1162
Heap-based buffer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a zip archive with the number of directories set to 0, related to an "...
Nih Libzip 0.10
4.3
CVSSv2
CVE-2011-0421
The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP prior to 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent malicious users to cause a denial of service (NULL pointer dereference) via an empty ZIP...
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.0
Php Php 4.4.8
Php Php 4.4.9
Php Php 3.0.2
Php Php 3.0.18
Php Php 3.0.9
Php Php 3.0.7
Php Php 3.0.8
Php Php 5.2.12
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.2.0
Php Php 4.3.1
Php Php 4.3.10
1 EDB exploit
7.5
CVSSv2
CVE-2015-2331
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and previous versions, as used in the ZIP extension in PHP prior to 5.4.39, 5.5.x prior to 5.5.23, and 5.6.x prior to 5.6.7 and other products, allows remote malicious users to cause a denial of servi...
Nih Libzip
Php Php 5.6.1
Php Php 5.5.0
Php Php 5.6.0
Php Php 5.6.5
Php Php 5.5.19
Php Php 5.5.16
Php Php 5.5.1
Php Php 5.5.5
Php Php 5.6.4
Php Php 5.5.21
Php Php 5.6.6
Php Php 5.5.17
Php Php 5.5.14
Php Php 5.5.7
Php Php 5.6.2
Php Php 5.5.12
Php Php
Php Php 5.5.6
Php Php 5.5.3
Php Php 5.5.8
Php Php 5.5.15
4.3
CVSSv2
CVE-2018-20532
There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv up to and including 0.7.2 that will cause a denial of service.
Opensuse Libsolv
Canonical Ubuntu Linux 18.10
4.3
CVSSv2
CVE-2018-20533
There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv up to and including 0.7.2 that will cause a denial of service.
Opensuse Libsolv
Canonical Ubuntu Linux 18.10
4.3
CVSSv2
CVE-2018-20534
There is an illegal address access at ext/testcase.c in libsolv.a in libsolv up to and including 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the underlying library. It cannot be exploited ...
Opensuse Libsolv
Canonical Ubuntu Linux 18.10