Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
7-zip 7-zip vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2016-2335
The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote malicious users to cause a denial of service (out-of-bounds read) or execute arbitrary code via the PartitionRef field in the Long Allocation Descriptor in a UDF file.
Opensuse Opensuse 13.2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7-zip 7-zip 9.20
7-zip 7-zip 15.05
1 Github repository
6.8
CVSSv2
CVE-2007-4725
Stack consumption vulnerability in AkkyWareHOUSE 7-zip32.dll prior to 4.42.00.04, as derived from Igor Pavlov 7-Zip prior to 4.53 beta, allows user-assisted remote malicious users to execute arbitrary code via a long filename in an archive, leading to a heap-based buffer overflow...
7-zip 7-zip
7-zip 7-zip 4.43
7-zip 7-zip 4.44
7-zip 7-zip 4.45
7-zip 7-zip 4.46
7-zip 7-zip 4.47
7-zip 7-zip 4.48
7-zip 7-zip 4.49
7-zip 7-zip 4.50
7-zip 7-zip 4.51
7-zip 7-zip 4.52
1 EDB exploit
5.8
CVSSv2
CVE-2015-1038
p7zip 9.20.1 allows remote malicious users to write to arbitrary files via a symlink attack in an archive.
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Oracle Solaris 10.0
Oracle Solaris 11.2
7-zip P7zip 9.20.1
5
CVSSv2
CVE-2016-9296
A null pointer dereference bug affects the 16.02 and many old versions of p7zip. A lack of null pointer check for the variable folders.PackPositions in function CInArchive::ReadAndDecodePackedStreams in CPP/7zip/Archive/7z/7zIn.cpp, as used in the 7z.so library and in 7z applicat...
7-zip P7zip 16.02
1 Github repository
5
CVSSv2
CVE-2005-2670
Directory traversal vulnerability in HAURI Anti-Virus products including ViRobot Expert 4.0, Advanced Server, Linux Server 2.0, and LiveCall allows remote malicious users to overwrite arbitrary files via ".." sequences in filenames contained in (1) ACE, (2) ARJ, (3) CAB...
Hauri Livecall
Hauri Virobot Expert 4.0
Hauri Virobot Advanced Server
Hauri Virobot Linux Server 2.0
4.6
CVSSv2
CVE-2018-3920
An exploitable code execution vulnerability exists in the firmware update functionality of the Yi Home Camera 27US 1.8.7.0D. A specially crafted 7-Zip file can cause a CRC collision, resulting in a firmware update and code execution. An attacker can insert an SDcard to trigger th...
Yitechnology Yi Home Camera Firmware 1.8.7.0d
4.3
CVSSv2
CVE-2012-4932
Multiple cross-site scripting (XSS) vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote malicious users to inject arbitrary web script or HTML via (1) the having parameter in a manage action to index.php; (2) the Email field in an Add User action; (3) the ...
Simple Invoices Simple Invoices
Simple Invoices Simple Invoices 2007-05-25
Simple Invoices Simple Invoices 2007-01-25
Simple Invoices Simple Invoices 2006-12-11
Simple Invoices Simple Invoices 2007-02-02
1 EDB exploit
NA
CVE-2023-40481
7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must v...
1 Github repository
NA
CVE-2023-31102
Ppmd7.c in 7-Zip prior to 23.00 allows an integer underflow and invalid read operation via a crafted 7Z archive.
7-zip 7-zip
Netapp Oncommand Workflow Automation -
Netapp Active Iq Unified Manager -
NA
CVE-2022-47069
p7zip 16.02 exists to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCd(bool) at CPP/7zip/Archive/Zip/ZipIn.cpp.
7-zip P7zip 16.02
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2