Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
archive zip vulnerabilities and exploits
(subscribe to this query)
6.2
CVSSv2
CVE-2005-0602
Unzip 5.51 and previous versions does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges.
Info-zip Unzip
Info-zip Unzip 5.50
10
CVSSv2
CVE-2004-1010
Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote malicious users to execute arbitrary code via a ZIP file containing a long pathname.
Info-zip Zip 2.3
4.3
CVSSv2
CVE-2017-8843
The join_pthread function in stream.c in liblrzip.so in lrzip 0.631 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive.
Long Range Zip Project Long Range Zip 0.631
6.8
CVSSv2
CVE-2016-2335
The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote malicious users to cause a denial of service (out-of-bounds read) or execute arbitrary code via the PartitionRef field in the Long Allocation Descriptor in a UDF file.
Opensuse Opensuse 13.2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7-zip 7-zip 9.20
7-zip 7-zip 15.05
1 Github repository
4.3
CVSSv2
CVE-2017-8847
The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive.
Long Range Zip Project Long Range Zip 0.631
4.3
CVSSv2
CVE-2017-8842
The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a crafted archive.
Long Range Zip Project Long Range Zip 0.631
4.3
CVSSv2
CVE-2017-8845
The lzo1x_decompress function in lzo1x_d.ch in LZO 2.08, as used in lrzip 0.631, allows remote malicious users to cause a denial of service (invalid memory read and application crash) via a crafted archive.
Long Range Zip Project Long Range Zip 0.631
4.3
CVSSv2
CVE-2019-10654
The lzo1x_decompress function in liblzo2.so.2 in LZO 2.10, as used in Long Range Zip (aka lrzip) 0.631, allows remote malicious users to cause a denial of service (invalid memory read and application crash) via a crafted archive, a different vulnerability than CVE-2017-8845.
Long Range Zip Project Long Range Zip 0.631
6.8
CVSSv2
CVE-2017-17969
Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip prior to 18.00 and p7zip allows remote malicious users to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive.
7-zip 7-zip
7-zip P7zip
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
6.8
CVSSv2
CVE-2018-5996
Insufficient exception handling in the method NCompress::NRar3::CDecoder::Code of 7-Zip prior to 18.00 and p7zip can lead to multiple memory corruptions within the PPMd code, allows remote malicious users to cause a denial of service (segmentation fault) or execute arbitrary code...
7-zip 7-zip
7-zip P7zip
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »