Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unzip vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2020-5196
Cerberus FTP Server Enterprise Edition prior to versions 11.0.3 and 10.0.18 allows an authenticated malicious user to create files, display hidden files, list directories, and list files without the permission to zip and download (or unzip and upload) files. There are multiple wa...
Cerberusftp Ftp Server
6.4
CVSSv2
CVE-2021-21689
FilePath#unzip and FilePath#untar were not subject to any agent-to-controller access control in Jenkins 2.318 and previous versions, LTS 2.303.2 and previous versions.
Jenkins Jenkins
7.5
CVSSv2
CVE-2021-31272
SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation.
Serenityos Serenityos
5
CVSSv2
CVE-2022-28544
Path traversal vulnerability in unzip method of InstallAgentCommonHelper in Galaxy store prior to version 4.5.40.5 allows malicious user to access the file of Galaxy store.
Samsung Galaxy Store
6.4
CVSSv2
CVE-2018-17297
The unzip function in ZipUtil.java in Hutool prior to 4.1.12 allows remote malicious users to overwrite arbitrary files via directory traversal sequences in a filename within a ZIP archive.
Hutool Hutool
1
CVSSv2
CVE-2009-3412
Unspecified vulnerability in the Unzip component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5; and Oracle Application Server 10.1.2.3; allows local users to affect confidentiality via unknown vectors.
Oracle Application Server 10.1.2.3
Oracle Database Server 9.2.0.8
Oracle Database Server 9.2.0.8dv
Oracle Database Server 10.1.0.5
6.8
CVSSv2
CVE-2004-2674
Directory traversal vulnerability in ArGoSoft FTP Server prior to 1.4.1.6 allows remote authenticated users to determine the existence of arbitrary files via ".." sequences in the SITE UNZIP argument.
Argosoft Ftp Server
NA
CVE-2022-46902
An issue exists in Vocera Report Server and Voice Server 5.x up to and including 5.8. There is a Path Traversal for an Unzip operation. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL im...
Vocera Voice Server
Vocera Report Server
4
CVSSv2
CVE-2021-33211
A Directory Traversal vulnerability in the Unzip feature in Elements-IT HTTP Commander 5.3.3 allows remote authenticated users to write files to arbitrary directories via relative paths in ZIP archives.
Element-it Http Commander 5.3.3
6.8
CVSSv2
CVE-2016-4313
Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote malicious users to execute arbitrary files via a .. (dot dot) in an archive file.
Extplorer Extplorer 2.1.9
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »