Vulmon
zlib zlib vulnerabilities and exploits
4.7
CVSSv3
CVE-2005-3106
Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just performed an exec.
Linux Linux Kernel 2.6.0
Debian Debian Linux 3.1
Canonical Ubuntu Linux 4.10
Canonical Ubuntu Linux 5.04
NA
CVE-2015-7054
zlib in the Compression component in Apple iOS prior to 9.2, OS X prior to 10.11.2, tvOS prior to 9.1, and watchOS prior to 2.1 does not initialize memory for an unspecified data structure, which allows remote malicious users to execute arbitrary code via a crafted web site.
Apple Iphone Os
Apple Mac Os X
Apple Watchos
Apple Tvos
NA
CVE-2015-1191
Multiple directory traversal vulnerabilities in pigz 2.3.1 allow remote malicious users to write to arbitrary files via a (1) full pathname or (2) .. (dot dot) in an archive.
Zlib Pigz 2.3.1
NA
CVE-2013-0296
Race condition in pigz prior to 2.2.5 uses permissions derived from the umask when compressing a file before setting that file's permissions to match those of the original file, which might allow local users to bypass intended access permissions while compression is occurrin...
Zlib Pigz
NA
CVE-2013-0166
OpenSSL prior to 0.9.8y, 1.0.0 prior to 1.0.0k, and 1.0.1 prior to 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.
Openssl Openssl 0.9.7
Openssl Openssl 0.9.5a
Openssl Openssl 0.9.8b
Openssl Openssl 0.9.7l
Openssl Openssl 0.9.6i
Openssl Openssl 0.9.8m
Openssl Openssl 0.9.3
Openssl Openssl 0.9.8c
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 0.9.7c
Openssl Openssl 0.9.5
Openssl Openssl 0.9.8n
Openssl Openssl 0.9.8p
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.6
Openssl Openssl 1.0.1c
Openssl Openssl 0.9.7j
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.8e
Openssl Openssl 0.9.8u
1 Github repository
NA
CVE-2013-0169
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote malicious...
Openssl Openssl
Oracle Openjdk 1.7.0
Oracle Openjdk 1.6.0
Polarssl Polarssl 0.14.2
Polarssl Polarssl 0.11.0
Polarssl Polarssl 1.0.0
Polarssl Polarssl 0.13.1
Polarssl Polarssl 1.1.3
Polarssl Polarssl 0.12.1
Polarssl Polarssl 0.99
Polarssl Polarssl 0.11.1
Polarssl Polarssl 1.1.4
Polarssl Polarssl 0.14.0
Polarssl Polarssl 1.1.1
Polarssl Polarssl 1.1.2
Polarssl Polarssl 0.14.3
Polarssl Polarssl 1.1.0
Polarssl Polarssl 0.10.1
Polarssl Polarssl 0.12.0
Polarssl Polarssl 0.10.0
11 Github repositories
NA
CVE-2012-4929
The TLS protocol 1.2 and previous versions, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle malicious users to obtain plaintext HTTP head...
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Google Chrome
Mozilla Firefox
14 Github repositories
NA
CVE-2011-2174
Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x prior to 1.2.17 and 1.4.x prior to 1.4.7 allows remote malicious users to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression.
Wireshark Wireshark 1.2.10
Wireshark Wireshark 1.2.8
Wireshark Wireshark 1.2.13
Wireshark Wireshark 1.2.5
Wireshark Wireshark 1.2.7
Wireshark Wireshark 1.2.6
Wireshark Wireshark 1.2.3
Wireshark Wireshark 1.2.0
Wireshark Wireshark 1.2.16
Wireshark Wireshark 1.2.12
Wireshark Wireshark 1.2.11
Wireshark Wireshark 1.2.4
Wireshark Wireshark 1.2.1
Wireshark Wireshark 1.2.9
Wireshark Wireshark 1.2
Wireshark Wireshark 1.2.14
Wireshark Wireshark 1.2.2
Wireshark Wireshark 1.2.15
Wireshark Wireshark 1.4.3
Wireshark Wireshark 1.4.2
Wireshark Wireshark 1.4.1
Wireshark Wireshark 1.4.0
NA
CVE-2011-0015
Tor prior to 0.2.1.29 and 0.2.2.x prior to 0.2.2.21-alpha does not properly check the amount of compression in zlib-compressed data, which allows remote malicious users to cause a denial of service via a large compression factor.
Tor Tor 0.2.1.11
Tor Tor 0.2.1.12
Tor Tor 0.2.1.17
Tor Tor 0.2.1.19
Tor Tor 0.2.1.20
Tor Tor 0.2.1.25
Tor Tor 0.2.1.27
Tor Tor 0.2.1.8
Tor Tor 0.2.0.31
Tor Tor 0.2.0.32
Tor Tor 0.2.0.28
Tor Tor 0.2.0.25
Tor Tor 0.2.0.27
Tor Tor 0.2.0.16
Tor Tor 0.2.0.18
Tor Tor 0.2.0.8
Tor Tor 0.2.0.11
Tor Tor 0.2.0.1
Tor Tor 0.2.0.3
Tor Tor 0.1.2.13
Tor Tor 0.1.2.5
Tor Tor 0.1.2.11
NA
CVE-2010-0734
content_encoding.c in libcurl 7.10.5 up to and including 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote malicious users to cause a denial of service (appli...
Curl Libcurl 7.10.8
Curl Libcurl 7.11.0
Curl Libcurl 7.12.3
Curl Libcurl 7.13
Curl Libcurl 7.15.2
Curl Libcurl 7.15.3
Curl Libcurl 7.19.1
Curl Libcurl 7.19.2
Curl Libcurl 7.10.5
Curl Libcurl 7.10.6
Curl Libcurl 7.10.7
Curl Libcurl 7.12.1
Curl Libcurl 7.12.2
Curl Libcurl 7.15
Curl Libcurl 7.15.1
Curl Libcurl 7.18.2
Curl Libcurl 7.19.0
Curl Libcurl 7.19.7
Curl Libcurl 7.12
Curl Libcurl 7.12.0
Curl Libcurl 7.14
Curl Libcurl 7.14.1