Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unzip vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-9261
huft_build in archival/libarchive/decompress_gunzip.c in BusyBox prior to 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
NA
CVE-2018-10886
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: this candidate is not about any specific product, protocol, or design, that falls into the scope of the assigning CNA. Notes: None
7.5
CVSSv2
CVE-2018-12914
A remote code execution issue exists in PublicCMS V4.0.20180210. An attacker can upload a ZIP archive that contains a .jsp file with a directory traversal pathname. After an unzip operation, the attacker can execute arbitrary code by visiting a .jsp URI.
Publiccms Publiccms 4.0.20180210
6
CVSSv2
CVE-2018-11494
The "program extension upload" feature in OpenCart up to and including 3.0.2.0 has a six-step process (upload, install, unzip, move, xml, remove) that allows malicious users to execute arbitrary code if the remove step is skipped, because the attacker can discover a sec...
Opencart Opencart
6.8
CVSSv2
CVE-2018-1000031
A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an malicious user to perform a denial of service or to possibly achieve code execution.
Info-zip Unzip 6.10c22
6.8
CVSSv2
CVE-2018-1000032
A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an malicious user to perform a denial of service or to possibly achieve code execution.
Info-zip Unzip 6.10c22
6.4
CVSSv2
CVE-2018-1000033
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an malicious user to perform a denial of service and read sensitive memory.
Info-zip Unzip 6.10c22
6.4
CVSSv2
CVE-2018-1000034
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an malicious user to perform a denial of service and read sensitive memory.
Info-zip Unzip 6.10c22
6.8
CVSSv2
CVE-2018-1000035
A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an malicious user to perform a denial of service or to possibly achieve code execution.
Unzip Project Unzip
5
CVSSv2
CVE-2017-14719
Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip operations in the ZipArchive and PclZip components.
Wordpress Wordpress 4.7.1
Wordpress Wordpress 4.7.2
Wordpress Wordpress 4.6.6
Wordpress Wordpress 4.6.5
Wordpress Wordpress 4.6.4
Wordpress Wordpress 4.5.7
Wordpress Wordpress 4.5.6
Wordpress Wordpress 4.5
Wordpress Wordpress 4.4.9
Wordpress Wordpress 4.4.11
Wordpress Wordpress 4.4.10
Wordpress Wordpress 4.3.5
Wordpress Wordpress 4.3.4
Wordpress Wordpress 4.3
Wordpress Wordpress 4.2.9
Wordpress Wordpress 4.2.16
Wordpress Wordpress 4.2.15
Wordpress Wordpress 4.2
Wordpress Wordpress 4.1.9
Wordpress Wordpress 4.1.2
Wordpress Wordpress 4.1.19
Wordpress Wordpress 4.1.11
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »