Vulmon
archive zip vulnerabilities and exploits
5.1
CVSSv2
CVE-2006-3497
Unspecified vulnerability in the "compression state handling" in Bom for Apple Mac OS X 10.3.9 and 10.4.7 allows user-assisted malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Zip archive.
Apple Mac Os X 10.4.7
Apple Mac Os X Server 10.3.9
Apple Mac Os X 10.3.9
Apple Mac Os X Server 10.4.7
7.5
CVSSv2
CVE-2017-5946
The Zip::File component in the rubyzip gem prior to 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows uploading of .zip files, an attacker can upload a malicious file that uses "../" pathname substrings to write arbitrary files to the filesystem.
Rubyzip Project Rubyzip
Debian Debian Linux 8.0
Debian Debian Linux 9.0
9.3
CVSSv2
CVE-2009-2261
PeaZIP 2.6.1, 2.5.1, and previous versions on Windows allows user-assisted remote malicious users to execute arbitrary commands via a .zip archive with a .txt file whose name contains | (pipe) characters and a command.
Giorgio Tani Peazip 1.9.2
Giorgio Tani Peazip 1.9.3
Giorgio Tani Peazip
Giorgio Tani Peazip 1.8.1
Giorgio Tani Peazip 1.0
Giorgio Tani Peazip 2.6.1
Giorgio Tani Peazip 2.4.1
Giorgio Tani Peazip 1.6
Giorgio Tani Peazip 2.2
Giorgio Tani Peazip 1.1
Giorgio Tani Peazip 2.1
Giorgio Tani Peazip 2.3a
Giorgio Tani Peazip 1.5
Giorgio Tani Peazip 2.4
Giorgio Tani Peazip 1.9
Giorgio Tani Peazip 1.4
Giorgio Tani Peazip 1.3
Giorgio Tani Peazip 1.8
Giorgio Tani Peazip 1.10
Giorgio Tani Peazip 2.0
Giorgio Tani Peazip 1.7
Giorgio Tani Peazip 1.9.1
2 EDB exploits
9.3
CVSSv2
CVE-2010-1686
Stack-based buffer overflow in (1) Urgent Backup 3.20, and (2) ABC Backup Pro 5.20 and ABC Backup 5.50, allows user-assisted remote malicious users to execute arbitrary code via a crafted ZIP archive.
Abcbackup Abc Backup 5.20
Abcbackup Abc Backup 5.50
Internet-soft Urgent Backup 3.20
1 EDB exploit
2.6
CVSSv2
CVE-2006-1457
Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automatically expand archives, which could allow remote malicious users to overwrite arbitrary files via an archive that contains a symlink.
Apple Mac Os X Server 10.4.6
Apple Mac Os X 10.4.6
5
CVSSv2
CVE-2014-3381
The ZIP inspection engine in Cisco AsyncOS 8.5 and previous versions on the Cisco Email Security Appliance (ESA) does not properly analyze ZIP archives, which allows remote malicious users to bypass malware filtering via a crafted archive, aka Bug ID CSCup07934.
Cisco Asyncos
6.5
CVSSv2
CVE-2022-27925
Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. An authenticated user with administrator rights has the ability to upload arbitrary files to the system, leading to directory traversal.
Zimbra Collaboration 9.0.0
Zimbra Collaboration 8.8.15
1 Metasploit module
13 GitHub repositories
1 Article
6.8
CVSSv2
CVE-2010-5300
Stack-based buffer overflow in Jzip 1.3 up to and including 2.0.0.132900 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long file name in a zip archive.
Jzip Jzip 2.0.0.132900
Jzip Jzip 1.3
2 EDB exploits
NA
CVE-2024-27317
In Pulsar Functions Worker, authenticated users can upload functions in jar or nar files. These files, essentially zip files, are extracted by the Functions Worker. However, if a malicious file is uploaded, it could exploit a directory traversal vulnerability. This occurs when th...
7.5
CVSSv2
CVE-2002-0370
Buffer overflow in the ZIP capability for multiple products allows remote malicious users to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows M...
Ibm Lotus Notes 5.0.1
Ibm Lotus Notes R5
Ibm Lotus Notes 5.0
Ibm Lotus Notes 5.0.4
Winzip Winzip 7.0
Ibm Lotus Notes 5.0.3
Allume Systems Division Stuffit Expander 6.5.2
Ibm Lotus Notes
Verity Keyview Viewing Sdk Gold
Ibm Lotus Notes 5.0.11
Ibm Lotus Notes 5.0.2
Ibm Lotus Notes R6
Ibm Lotus Notes 5.0.5
Ibm Lotus Notes 5.0.10
Ibm Lotus Notes 5.0.9a
Microsoft Windows Xp
Microsoft Windows 98 Plus Pack
Microsoft Windows Me