archive zip vulnerabilities and exploits
4.3
CVSSv2
CVE-2018-1324
A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15. This can be used to mount a denial of service attack against services t...
Apache Commons Compress
Oracle Weblogic Server 14.1.1.0.0
Oracle Mysql Cluster
1 Github repository
6.8
CVSSv2
CVE-2014-8139
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and previous versions allows remote malicious users to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
Unzip Project Unzip
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.6
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 6.6
Redhat Enterprise Linux Server Eus 6.6
Redhat Enterprise Linux Server Eus 7.7
6.8
CVSSv2
CVE-2010-1458
Stack-based buffer overflow in Create and Extract Zips TweakFS Zip Utility 1.0 for Flight Simulator X (FSX) allows remote malicious users to execute arbitrary code via a long filename in a ZIP archive.
Tweakfs Tweakfs Zip Utility 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2018-1000035
A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows a malicious user to perform a denial of service or to possibly achieve code execution.
Unzip Project Unzip
4
CVSSv2
CVE-2018-19859
OpenRefine prior to 3.2 beta allows directory traversal via a relative pathname in a ZIP archive.
Openrefine Openrefine 3.0
Openrefine Openrefine 2.7
Openrefine Openrefine 2.6
Openrefine Openrefine 1.0.5
Openrefine Openrefine 1.0.7
Openrefine Openrefine 2.0
Openrefine Openrefine 2.5
Openrefine Openrefine 1.0
Openrefine Openrefine 2.8
Openrefine Openrefine 3.1
Openrefine Openrefine 2.1
Openrefine Openrefine 1.0.1
Openrefine Openrefine 1.0.2
Openrefine Openrefine 1.0.3
Openrefine Openrefine 1.0.6
Openrefine Openrefine 1.1
1 Github repository
6.5
CVSSv2
CVE-2022-24676
update_code in Admin.php in HYBBS2 up to and including 2.3.2 allows arbitrary file upload via a crafted ZIP archive.
Hyphp Hybbs2
7.5
CVSSv2
CVE-2010-1444
The ZIP archive decompressor in VideoLAN VLC media player prior to 1.0.6 allows remote malicious users to cause a denial of service (invalid memory access and application crash) or possibly execute arbitrary code via a crafted archive.
Videolan Vlc Media Player 0.8.6b
Videolan Vlc Media Player 0.7.2
Videolan Vlc Media Player 0.8.6g
Videolan Vlc Media Player 0.8.1337
Videolan Vlc Media Player 0.5.0
Videolan Vlc Media Player 0.8.4a
Videolan Vlc Media Player 1.0.3
Videolan Vlc Media Player 0.8.0
Videolan Vlc Media Player 0.9.0
Videolan Vlc Media Player 0.9.4
Videolan Vlc Media Player 0.8.5
Videolan Vlc Media Player 0.9.9a
Videolan Vlc Media Player 0.6.2
Videolan Vlc Media Player 0.8.6h
Videolan Vlc Media Player 0.9.10
Videolan Vlc Media Player 0.8.4
Videolan Vlc Media Player 0.8.6
Videolan Vlc Media Player 0.8.6c
Videolan Vlc Media Player 0.8.6i
Videolan Vlc Media Player 0.5.2
Videolan Vlc Media Player 0.7.0
Videolan Vlc Media Player 0.9.1
7.5
CVSSv2
CVE-2008-2722
Menalto Gallery prior to 2.2.5 allows remote malicious users to bypass permissions for sub-albums via a ZIP archive.
Menalto Gallery 2.2.1
Menalto Gallery 2.2.2
Menalto Gallery 2.2.3
Menalto Gallery
Menalto Gallery 2.1
Menalto Gallery 2.1.1
Menalto Gallery 2.1.2
Menalto Gallery 2.2.0
5.8
CVSSv2
CVE-2012-0907
Directory traversal vulnerability in the web player in NeoAxis NeoAxis web player 1.4 and previous versions allows user-assisted remote malicious users to write arbitrary files via a .. (dot dot) in a filename in the neoaxis_web_application_win32.zip ZIP archive.
Neoaxis Neoaxis Web Player 1.2
Neoaxis Neoaxis Web Player 1.1
Neoaxis Neoaxis Web Player
Neoaxis Neoaxis Web Player 1.3
4.3
CVSSv2
CVE-2017-14107
The _zip_read_eocd64 function in zip_open.c in libzip prior to 1.3.0 mishandles EOCD records, which allows remote malicious users to cause a denial of service (memory allocation failure in _zip_cdir_grow in zip_dirent.c) via a crafted ZIP archive.
Libzip Libzip
Debian Debian Linux 9.0