Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zlib zlib vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2005-2801
xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the name_index fields when sharing xattr blocks, which could prevent default ACLs from being applied.
Linux Linux Kernel 2.6.0
7.4
CVSSv3
CVE-2022-29154
An issue exists in rsync prior to 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file ...
Samba Rsync
Fedoraproject Fedora 35
Fedoraproject Fedora 36
2 Github repositories
7
CVSSv3
CVE-2021-41617
sshd in OpenSSH 6.2 up to and including 8.x prior to 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run w...
Openbsd Openssh
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Aff A250 Firmware -
Netapp Aff 500f Firmware -
Oracle Http Server 12.2.1.2.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Starwindsoftware Starwind Virtual San V8r13
5 Github repositories
6.5
CVSSv3
CVE-2023-3255
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remote authenticated client who is ...
Qemu Qemu
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 38
5.5
CVSSv3
CVE-2023-6992
Cloudflare version of zlib library was found to be vulnerable to memory corruption issues affecting the deflation algorithm implementation (deflate.c). The issues resulted from improper input validation and heap-based buffer overflow. A local attacker could exploit the problem du...
Cloudflare Zlib
5.5
CVSSv3
CVE-2017-7609
elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote malicious users to cause a denial of service (memory consumption) via a crafted ELF file.
Elfutils Project Elfutils 0.168
5.5
CVSSv3
CVE-2015-8721
Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x prior to 1.12.9 and 2.0.x prior to 2.0.1 allows remote malicious users to cause a denial of service (application crash) via a crafted packet with zlib compression.
Wireshark Wireshark 1.12.4
Wireshark Wireshark 1.12.5
Wireshark Wireshark 1.12.0
Wireshark Wireshark 1.12.2
Wireshark Wireshark 1.12.1
Wireshark Wireshark 1.12.7
Wireshark Wireshark 1.12.6
Wireshark Wireshark 1.12.3
Wireshark Wireshark 1.12.8
5.5
CVSSv3
CVE-2005-2456
Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via a p->dir value that is larger than XFRM_POLICY_OUT, which is used as an inde...
Linux Linux Kernel 2.6.0
Debian Debian Linux 3.1
5.3
CVSSv3
CVE-2016-20012
OpenSSH up to and including 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be va...
Openbsd Openssh
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
4 Github repositories
4.7
CVSSv3
CVE-2005-3274
Race condition in ip_vs_conn_flush in Linux 2.6 prior to 2.6.13 and 2.4 prior to 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection table is being flushed before...
Linux Linux Kernel
Debian Debian Linux 3.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »