archive zip vulnerabilities and exploits
6.4
CVSSv2
CVE-2019-7234
An issue exists in idreamsoft iCMS 7.0.13. admincp.php?app=apps&do=save allows directory traversal via _app=/../ to begin the process of creating a ZIP archive file with the complete contents of any directory because of an apps.admincp.php error. This ZIP archive file can the...
Idreamsoft Icms 7.0.13
5
CVSSv2
CVE-2022-35410
mat2 (aka metadata anonymisation toolkit) prior to 0.13.0 allows ../ directory traversal during the ZIP archive cleaning process. This primarily affects mat2 web instances, in which clients could obtain sensitive information via a crafted archive.
0xacab Mat2
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.4
CVSSv2
CVE-2018-20227
RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a ZIP archive.
Eclipse Rdf4j 2.4.2
5.1
CVSSv2
CVE-2022-27438
Caphyon Ltd Advanced Installer 19.3 and previous versions and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulner...
Caphyon Advanced Installer
Realdefense Mypasslock 1.9.6
Realdefense Mycleanpc 4.0.2
Realdefense Mycleanid 4.1.4
Prusa3d Prusaslicer 2.4.2
Plagiarismcheckerx Plagiarism Checker X 8.0.6
Vigem Vigembus Driver 1.16.116
Nefarius Scptoolkit 1.6.238.16010
Moonsoftware Password Agent 20.10.1
Getmailbird Mailbird 2.9.50.0
Krylack Burning Suite 1.20.05
Krylack Rar Password Recovery 3.70.69
Krylack Volume Serial Number Editor 2.02.34
Krylack Zip Password Recovery 3.70.69
Krylack Asterisks Password Decryptor 3.31.107
Krylack Archive Password Recovery 3.70.69
Jpsoft Take Command 28.2.18
Jki Vi Package Manager 21.1.2754
Honeygain Honeygain 0.10.7.0
Guzogo Guzogo 1.0.5.0
Gamecaster Gamecaster 4.0.2109.2802
Gainedge Better Explorer 2020.3.15.1304
1 Github repository
4.3
CVSSv2
CVE-2018-1324
A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15. This can be used to mount a denial of service attack against services t...
Apache Commons Compress
Oracle Weblogic Server 14.1.1.0.0
Oracle Mysql Cluster
1 Github repository
6.8
CVSSv2
CVE-2014-8139
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and previous versions allows remote malicious users to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
Unzip Project Unzip
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.6
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 6.6
Redhat Enterprise Linux Server Eus 6.6
Redhat Enterprise Linux Server Eus 7.7
6.8
CVSSv2
CVE-2010-1458
Stack-based buffer overflow in Create and Extract Zips TweakFS Zip Utility 1.0 for Flight Simulator X (FSX) allows remote malicious users to execute arbitrary code via a long filename in a ZIP archive.
Tweakfs Tweakfs Zip Utility 1.0
1 EDB exploit
4
CVSSv2
CVE-2018-19859
OpenRefine prior to 3.2 beta allows directory traversal via a relative pathname in a ZIP archive.
Openrefine Openrefine 3.0
Openrefine Openrefine 2.7
Openrefine Openrefine 2.6
Openrefine Openrefine 1.0.5
Openrefine Openrefine 1.0.7
Openrefine Openrefine 2.0
Openrefine Openrefine 2.5
Openrefine Openrefine 1.0
Openrefine Openrefine 2.8
Openrefine Openrefine 3.1
Openrefine Openrefine 2.1
Openrefine Openrefine 1.0.1
Openrefine Openrefine 1.0.2
Openrefine Openrefine 1.0.3
Openrefine Openrefine 1.0.6
Openrefine Openrefine 1.1
1 Github repository
6.5
CVSSv2
CVE-2022-24676
update_code in Admin.php in HYBBS2 up to and including 2.3.2 allows arbitrary file upload via a crafted ZIP archive.
Hyphp Hybbs2
6.8
CVSSv2
CVE-2018-1000035
A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows a malicious user to perform a denial of service or to possibly achieve code execution.
Unzip Project Unzip