Vulmon
zlib zlib vulnerabilities and exploits
445
VMScore
CVE-2005-0851
FileZilla FTP server prior to 0.9.6, when using MODE Z (zlib compression), allows remote malicious users to cause a denial of service (infinite loop) via certain file uploads or directory listings.
Filezilla-project Filezilla Server
383
VMScore
CVE-2017-7609
elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote malicious users to cause a denial of service (memory consumption) via a crafted ELF file.
Elfutils Project Elfutils 0.168
NA
CVE-2023-3255
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remote authenticated client who is ...
Qemu Qemu
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 38
445
VMScore
CVE-2011-0015
Tor prior to 0.2.1.29 and 0.2.2.x prior to 0.2.2.21-alpha does not properly check the amount of compression in zlib-compressed data, which allows remote malicious users to cause a denial of service via a large compression factor.
Tor Tor 0.2.1.11
Tor Tor 0.2.1.12
Tor Tor 0.2.1.17
Tor Tor 0.2.1.19
Tor Tor 0.2.1.20
Tor Tor 0.2.1.25
Tor Tor 0.2.1.27
Tor Tor 0.2.1.8
Tor Tor 0.2.0.31
Tor Tor 0.2.0.32
Tor Tor 0.2.0.28
Tor Tor 0.2.0.25
Tor Tor 0.2.0.27
Tor Tor 0.2.0.16
Tor Tor 0.2.0.18
Tor Tor 0.2.0.8
Tor Tor 0.2.0.11
Tor Tor 0.2.0.1
Tor Tor 0.2.0.3
Tor Tor 0.1.2.13
Tor Tor 0.1.2.5
Tor Tor 0.1.2.11
NA
CVE-2023-35989
An integer overflow vulnerability exists in the LXT2 zlib block allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
Tonybybell Gtkwave 3.3.115
NA
CVE-2023-38657
An out-of-bounds write vulnerability exists in the LXT2 zlib block decompression functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
Tonybybell Gtkwave 3.3.115
605
VMScore
CVE-2015-7054
zlib in the Compression component in Apple iOS prior to 9.2, OS X prior to 10.11.2, tvOS prior to 9.1, and watchOS prior to 2.1 does not initialize memory for an unspecified data structure, which allows remote malicious users to execute arbitrary code via a crafted web site.
Apple Iphone Os
Apple Mac Os X
Apple Watchos
Apple Tvos
383
VMScore
CVE-2011-2174
Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x prior to 1.2.17 and 1.4.x prior to 1.4.7 allows remote malicious users to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression.
Wireshark Wireshark 1.2.10
Wireshark Wireshark 1.2.8
Wireshark Wireshark 1.2.13
Wireshark Wireshark 1.2.5
Wireshark Wireshark 1.2.7
Wireshark Wireshark 1.2.6
Wireshark Wireshark 1.2.3
Wireshark Wireshark 1.2.0
Wireshark Wireshark 1.2.16
Wireshark Wireshark 1.2.12
Wireshark Wireshark 1.2.11
Wireshark Wireshark 1.2.4
Wireshark Wireshark 1.2.1
Wireshark Wireshark 1.2.9
Wireshark Wireshark 1.2
Wireshark Wireshark 1.2.14
Wireshark Wireshark 1.2.2
Wireshark Wireshark 1.2.15
Wireshark Wireshark 1.4.3
Wireshark Wireshark 1.4.2
Wireshark Wireshark 1.4.1
Wireshark Wireshark 1.4.0
383
VMScore
CVE-2015-8721
Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x prior to 1.12.9 and 2.0.x prior to 2.0.1 allows remote malicious users to cause a denial of service (application crash) via a crafted packet with zlib compression.
Wireshark Wireshark 1.12.4
Wireshark Wireshark 1.12.5
Wireshark Wireshark 1.12.0
Wireshark Wireshark 1.12.2
Wireshark Wireshark 1.12.1
Wireshark Wireshark 1.12.7
Wireshark Wireshark 1.12.6
Wireshark Wireshark 1.12.3
Wireshark Wireshark 1.12.8
445
VMScore
CVE-2018-14340
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.
Wireshark Wireshark
Debian Debian Linux 8.0