Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unzip vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2022-0530
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an malicious user to input a specially crafted zip file, leading to a crash or code execution.
Unzip Project Unzip 6.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 35
Apple Mac Os X
Apple Mac Os X 10.15.7
Apple Macos
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Github repositories
2.6
CVSSv2
CVE-2003-0282
Directory traversal vulnerability in UnZip 5.50 allows malicious users to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.
Info-zip Unzip 5.50
Sco Openlinux Workstation 3.1.1
Sco Openlinux Server 3.1.1
1 EDB exploit
7.5
CVSSv2
CVE-2015-1315
Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote malicious users to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8.
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Info-zip Unzip 6.10b
6.8
CVSSv2
CVE-2014-8141
Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and previous versions allows remote malicious users to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
Unzip Project Unzip
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Tus 6.6
Redhat Enterprise Linux Server Eus 6.6
Redhat Enterprise Linux Server Tus 7.7
6.8
CVSSv2
CVE-2014-8139
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and previous versions allows remote malicious users to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
Unzip Project Unzip
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.6
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 6.6
Redhat Enterprise Linux Server Eus 6.6
Redhat Enterprise Linux Server Eus 7.7
6.8
CVSSv2
CVE-2014-8140
Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and previous versions allows remote malicious users to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
Unzip Project Unzip
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.6
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 6.6
Redhat Enterprise Linux Server Eus 6.6
Redhat Enterprise Linux Server Eus 7.7
NA
CVE-2023-41373
A directory traversal vulnerability exists in the BIG-IP Configuration Utility that may allow an authenticated malicious user to execute commands on the BIG-IP system. For BIG-IP system running in Appliance mode, a successful exploit can allow the malicious user to cross a secur...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Local Traffic Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Visibility And Reporting
F5 Big-ip Carrier-grade Nat
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Ssl Orchestrator
F5 Big-ip Webaccelerator
F5 Big-ip Websafe
5.8
CVSSv2
CVE-2018-17828
Directory traversal vulnerability in ZZIPlib 0.13.69 allows malicious users to overwrite arbitrary files via a .. (dot dot) in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file.
Zziplib Project Zziplib 0.13.69
NA
CVE-2023-28105
go-used-util has commonly used utility functions for Go. Versions before 0.0.34 have a ZipSlip issue when using fsutil package to unzip files. When users use `zip.Unzip` to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. The issue has been fix...
Go-huge-util Project Go-huge-util
NA
CVE-2024-25978
Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »