Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
7-zip vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2016-2334
Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip prior to 16.00 and p7zip allows remote malicious users to execute arbitrary code via a crafted HFS+ image.
7-zip 7-zip
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Oracle Solaris
2 Github repositories
7.8
CVSSv3
CVE-2023-31102
Ppmd7.c in 7-Zip prior to 23.00 allows an integer underflow and invalid read operation via a crafted 7Z archive.
7-zip 7-zip
Netapp Oncommand Workflow Automation -
Netapp Active Iq Unified Manager -
7.5
CVSSv3
CVE-2016-9296
A null pointer dereference bug affects the 16.02 and many old versions of p7zip. A lack of null pointer check for the variable folders.PackPositions in function CInArchive::ReadAndDecodePackedStreams in CPP/7zip/Archive/7z/7zIn.cpp, as used in the 7z.so library and in 7z applicat...
7-zip P7zip 16.02
1 Github repository
7.8
CVSSv3
CVE-2022-47069
p7zip 16.02 exists to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCd(bool) at CPP/7zip/Archive/Zip/ZipIn.cpp.
7-zip P7zip 16.02
NA
CVE-2015-1038
p7zip 9.20.1 allows remote malicious users to write to arbitrary files via a symlink attack in an archive.
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Oracle Solaris 10.0
Oracle Solaris 11.2
7-zip P7zip 9.20.1
NA
CVE-2023-40481
7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must v...
1 Github repository
6.8
CVSSv3
CVE-2018-3920
An exploitable code execution vulnerability exists in the firmware update functionality of the Yi Home Camera 27US 1.8.7.0D. A specially crafted 7-Zip file can cause a CRC collision, resulting in a firmware update and code execution. An attacker can insert an SDcard to trigger th...
Yitechnology Yi Home Camera Firmware 1.8.7.0d
NA
CVE-2005-2670
Directory traversal vulnerability in HAURI Anti-Virus products including ViRobot Expert 4.0, Advanced Server, Linux Server 2.0, and LiveCall allows remote malicious users to overwrite arbitrary files via ".." sequences in filenames contained in (1) ACE, (2) ARJ, (3) CAB...
Hauri Livecall
Hauri Virobot Expert 4.0
Hauri Virobot Advanced Server
Hauri Virobot Linux Server 2.0
NA
CVE-2006-3135
Multiple SQL injection vulnerabilities in CMS Mundo 1.0 build 008, and possibly other versions, allow remote malicious users to execute arbitrary SQL commands via the (1) news_id parameter in the (a) news module, (2) searchstring parameter in (b) the search module, (3) id paramet...
Hotwebscripts Cms Mundo 1.0 Build 008
NA
CVE-2012-4932
Multiple cross-site scripting (XSS) vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote malicious users to inject arbitrary web script or HTML via (1) the having parameter in a manage action to index.php; (2) the Email field in an Add User action; (3) the ...
Simple Invoices Simple Invoices
Simple Invoices Simple Invoices 2007-05-25
Simple Invoices Simple Invoices 2007-01-25
Simple Invoices Simple Invoices 2006-12-11
Simple Invoices Simple Invoices 2007-02-02
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2