Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zlib zlib vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2017-7609
elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote malicious users to cause a denial of service (memory consumption) via a crafted ELF file.
Elfutils Project Elfutils 0.168
383
VMScore
CVE-2015-8721
Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x prior to 1.12.9 and 2.0.x prior to 2.0.1 allows remote malicious users to cause a denial of service (application crash) via a crafted packet with zlib compression.
Wireshark Wireshark 1.12.4
Wireshark Wireshark 1.12.5
Wireshark Wireshark 1.12.0
Wireshark Wireshark 1.12.2
Wireshark Wireshark 1.12.1
Wireshark Wireshark 1.12.7
Wireshark Wireshark 1.12.6
Wireshark Wireshark 1.12.3
Wireshark Wireshark 1.12.8
383
VMScore
CVE-2011-2174
Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x prior to 1.2.17 and 1.4.x prior to 1.4.7 allows remote malicious users to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression.
Wireshark Wireshark 1.2.10
Wireshark Wireshark 1.2.8
Wireshark Wireshark 1.2.13
Wireshark Wireshark 1.2.5
Wireshark Wireshark 1.2.7
Wireshark Wireshark 1.2.6
Wireshark Wireshark 1.2.3
Wireshark Wireshark 1.2.0
Wireshark Wireshark 1.2.16
Wireshark Wireshark 1.2.12
Wireshark Wireshark 1.2.11
Wireshark Wireshark 1.2.4
Wireshark Wireshark 1.2.1
Wireshark Wireshark 1.2.9
Wireshark Wireshark 1.2
Wireshark Wireshark 1.2.14
Wireshark Wireshark 1.2.2
Wireshark Wireshark 1.2.15
Wireshark Wireshark 1.4.3
Wireshark Wireshark 1.4.2
Wireshark Wireshark 1.4.1
Wireshark Wireshark 1.4.0
383
VMScore
CVE-2008-4684
packet-frame in Wireshark 0.99.2 up to and including 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote malicious users to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP ...
Wireshark Wireshark 0.99.2
Wireshark Wireshark 0.99.8
Wireshark Wireshark 1.0
Wireshark Wireshark 0.99.6a
Wireshark Wireshark 0.99.7
Wireshark Wireshark 0.99.5
Wireshark Wireshark 0.99.6
Wireshark Wireshark 1.0.3
Wireshark Wireshark 0.99.3
Wireshark Wireshark 0.99.4
Wireshark Wireshark 1.0.0
Wireshark Wireshark 1.0.1
Wireshark Wireshark 1.0.2
383
VMScore
CVE-2008-3137
The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 up to and including 1.0.0 allows remote malicious users to cause a denial of service (application crash) via unknown vectors.
Wireshark Wireshark 0.99.7
Wireshark Wireshark 0.99.8
Wireshark Wireshark 0.99.3
Wireshark Wireshark 0.99.4
Wireshark Wireshark 0.99.5
Wireshark Wireshark 0.99.6
Wireshark Wireshark 0.9.5
Wireshark Wireshark 0.99.2
Wireshark Wireshark 1.0
Wireshark Wireshark 1.0.0
383
VMScore
CVE-2007-2231
Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot prior to 1.0.rc29, when using the zlib plugin, allows remote malicious users to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
Dovecot Dovecot 1.0.beta4
Dovecot Dovecot 1.0.beta5
Dovecot Dovecot 1.0.rc11
Dovecot Dovecot 1.0.rc12
Dovecot Dovecot 1.0.rc2
Dovecot Dovecot 1.0.rc20
Dovecot Dovecot 1.0.rc27
Dovecot Dovecot 1.0.rc28
Dovecot Dovecot 1.0.rc9
Dovecot Dovecot 1.0.beta2
Dovecot Dovecot 1.0.beta3
Dovecot Dovecot 1.0.rc1
Dovecot Dovecot 1.0.rc10
Dovecot Dovecot 1.0.rc18
Dovecot Dovecot 1.0.rc19
Dovecot Dovecot 1.0.rc25
Dovecot Dovecot 1.0.rc26
Dovecot Dovecot 1.0.rc7
Dovecot Dovecot 1.0.rc8
Dovecot Dovecot 1.0.beta6
Dovecot Dovecot 1.0.beta7
Dovecot Dovecot 1.0.rc13
356
VMScore
CVE-2006-5823
The zlib_inflate function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via a malformed filesystem that uses zlib compression that triggers memory corruption, as demonstrated using cramfs.
Linux Linux Kernel 2.6.0
Linux Linux Kernel 2.6.10
Linux Linux Kernel 2.6.11.3
Linux Linux Kernel 2.6.11.4
Linux Linux Kernel 2.6.11
Linux Linux Kernel 2.6.12.2
Linux Linux Kernel 2.6.12.3
Linux Linux Kernel 2.6.12
Linux Linux Kernel 2.6.13
Linux Linux Kernel 2.6.14.2
Linux Linux Kernel 2.6.14.3
Linux Linux Kernel 2.6.14
Linux Linux Kernel 2.6.15.6
Linux Linux Kernel 2.6.15.7
Linux Linux Kernel 2.6.15
Linux Linux Kernel 2.6.16
Linux Linux Kernel 2.6.16.16
Linux Linux Kernel 2.6.16.17
Linux Linux Kernel 2.6.16.23
Linux Linux Kernel 2.6.16.24
Linux Linux Kernel 2.6.16.7
Linux Linux Kernel 2.6.16.8
329
VMScore
CVE-2005-1768
Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 prior to 2.4.31 and 2.6 prior to 2.6.6 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a concurrent thread that increments a pointer...
Linux Linux Kernel 2.4.0
Linux Linux Kernel 2.4.15
Linux Linux Kernel 2.4.16
Linux Linux Kernel 2.4.18
Linux Linux Kernel 2.4.19
Linux Linux Kernel 2.4.21
Linux Linux Kernel 2.4.22
Linux Linux Kernel 2.4.1
Linux Linux Kernel 2.4.10
Linux Linux Kernel 2.4.17
Linux Linux Kernel 2.4.2
Linux Linux Kernel 2.4.23
Linux Linux Kernel 2.4.27
Linux Linux Kernel 2.4.29
Linux Linux Kernel 2.4.3
Linux Linux Kernel 2.6.0
Linux Linux Kernel 2.6.1
Linux Linux Kernel 2.6.5
Linux Linux Kernel 2.6.6
Linux Linux Kernel 2.4.13
Linux Linux Kernel 2.4.14
Linux Linux Kernel 2.4.24
294
VMScore
CVE-2008-3933
Wireshark (formerly Ethereal) 0.10.14 up to and including 1.0.2 allows malicious users to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function.
Wireshark Wireshark 0.10.14
Wireshark Wireshark 0.10.2
Wireshark Wireshark 0.10.9
Wireshark Wireshark 0.99.0
Wireshark Wireshark 0.10.3
Wireshark Wireshark 0.10.4
Wireshark Wireshark 0.99.1
Wireshark Wireshark 0.99.2
Wireshark Wireshark 0.99.8
Wireshark Wireshark 1.0.0
Wireshark Wireshark 0.10.5
Wireshark Wireshark 0.10.6
Wireshark Wireshark 0.99.3
Wireshark Wireshark 0.99.4
Wireshark Wireshark 1.0.1
Wireshark Wireshark 1.0.2
Wireshark Wireshark 0.99.6a
Wireshark Wireshark 0.99.7
Wireshark Wireshark 0.10.7
Wireshark Wireshark 0.10.8
Wireshark Wireshark 0.99.5
Wireshark Wireshark 0.99.6
235
VMScore
CVE-2012-4929
The TLS protocol 1.2 and previous versions, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle malicious users to obtain plaintext HTTP head...
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Google Chrome
Mozilla Firefox
14 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »