Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zlib zlib vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2005-2801
xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the name_index fields when sharing xattr blocks, which could prevent default ACLs from being applied.
Linux Linux Kernel 2.6.0
7.4
CVSSv3
CVE-2022-29154
An issue exists in rsync prior to 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file ...
Samba Rsync
Fedoraproject Fedora 35
Fedoraproject Fedora 36
2 Github repositories
6.5
CVSSv3
CVE-2023-3255
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remote authenticated client who is ...
Qemu Qemu
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 38
5.5
CVSSv3
CVE-2023-6992
Cloudflare version of zlib library was found to be vulnerable to memory corruption issues affecting the deflation algorithm implementation (deflate.c). The issues resulted from improper input validation and heap-based buffer overflow. A local attacker could exploit the problem du...
Cloudflare Zlib
5.5
CVSSv3
CVE-2014-9485
Directory traversal vulnerability in the do_extract_currentfile function in miniunz.c in miniunzip in minizip prior to 1.1-5 might allow remote malicious users to write to arbitrary files via a crafted entry in a ZIP archive.
Minizip Project Minizip
1 Github repository
5.5
CVSSv3
CVE-2017-7609
elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote malicious users to cause a denial of service (memory consumption) via a crafted ELF file.
Elfutils Project Elfutils 0.168
5.5
CVSSv3
CVE-2015-8721
Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x prior to 1.12.9 and 2.0.x prior to 2.0.1 allows remote malicious users to cause a denial of service (application crash) via a crafted packet with zlib compression.
Wireshark Wireshark 1.12.4
Wireshark Wireshark 1.12.5
Wireshark Wireshark 1.12.0
Wireshark Wireshark 1.12.2
Wireshark Wireshark 1.12.1
Wireshark Wireshark 1.12.7
Wireshark Wireshark 1.12.6
Wireshark Wireshark 1.12.3
Wireshark Wireshark 1.12.8
5.5
CVSSv3
CVE-2005-2456
Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via a p->dir value that is larger than XFRM_POLICY_OUT, which is used as an inde...
Linux Linux Kernel 2.6.0
Debian Debian Linux 3.1
4.7
CVSSv3
CVE-2005-3274
Race condition in ip_vs_conn_flush in Linux 2.6 prior to 2.6.13 and 2.4 prior to 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection table is being flushed before...
Linux Linux Kernel
Debian Debian Linux 3.1
4.7
CVSSv3
CVE-2005-3106
Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just performed an exec.
Linux Linux Kernel 2.6.0
Debian Debian Linux 3.1
Canonical Ubuntu Linux 4.10
Canonical Ubuntu Linux 5.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
log injection
CVE-2024-37079
type confusion
CVE-2024-32943
CVE-2024-30103
CVE-2024-37350
arbitrary code
CVE-2024-6189
CVE-2024-6225
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »