Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
archive zip vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2016-2335
The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote malicious users to cause a denial of service (out-of-bounds read) or execute arbitrary code via the PartitionRef field in the Long Allocation Descriptor in a UDF file.
Opensuse Opensuse 13.2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7-zip 7-zip 9.20
7-zip 7-zip 15.05
1 Github repository
8.8
CVSSv3
CVE-2016-1945
The nsZipArchive function in Mozilla Firefox prior to 44.0 might allow remote malicious users to cause a denial of service or possibly have unspecified other impact by leveraging incorrect use of a pointer during processing of a ZIP archive.
Mozilla Firefox 43.0.4
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Opensuse Leap 42.1
8.4
CVSSv3
CVE-2016-3646
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x up to and including 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) prior to 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac;...
Symantec Norton Security
Symantec Protection Engine
Symantec Protection Engine 7.8.0
Symantec Advanced Threat Protection
Symantec Norton Bootable Removal Tool
Symantec Data Center Security Server 6.6
Symantec Data Center Security Server 6.0
Symantec Data Center Security Server 6.5
Symantec Protection For Sharepoint Servers
Symantec Message Gateway For Service Providers 10.6
Symantec Message Gateway For Service Providers 10.5
Symantec Csapi
Symantec Endpoint Protection 12.1.6
Symantec Norton Power Eraser
Symantec Mail Security For Domino
Symantec Mail Security For Microsoft Exchange
Symantec Mail Security For Microsoft Exchange 6.5.8
Symantec Message Gateway
Symantec Norton Security
Symantec Norton Security With Backup
Symantec Norton Antivirus
Symantec Norton 360
1 EDB exploit
8.2
CVSSv3
CVE-2021-27473
Rockwell Automation Connected Components Workbench v12.00.00 and prior does not sanitize paths specified within the .ccwarc archive file during extraction. This type of vulnerability is also commonly referred to as a Zip Slip. A local, authenticated attacker can create a maliciou...
Rockwellautomation Connected Components Workbench
8.1
CVSSv3
CVE-2023-35947
Gradle is a build tool with a focus on build automation and support for multi-language development. In affected versions when unpacking Tar archives, Gradle did not check that files could be written outside of the unpack location. This could lead to important files being overwrit...
Gradle Gradle
8.1
CVSSv3
CVE-2023-24057
HL7 (Health Level 7) FHIR Core Libraries prior to 5.6.92 allow malicious users to extract files into arbitrary directories via directory traversal from a crafted ZIP or TGZ archive (for a prepackaged terminology cache, NPM package, or comparison archive).
Hl7 Fhir Ig Publisher
Hapifhir Hl7 Fhir Core
8.1
CVSSv3
CVE-2022-27438
Caphyon Ltd Advanced Installer 19.3 and previous versions and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulner...
Caphyon Advanced Installer
Realdefense Mypasslock 1.9.6
Realdefense Mycleanpc 4.0.2
Realdefense Mycleanid 4.1.4
Prusa3d Prusaslicer 2.4.2
Plagiarismcheckerx Plagiarism Checker X 8.0.6
Vigem Vigembus Driver 1.16.116
Nefarius Scptoolkit 1.6.238.16010
Moonsoftware Password Agent 20.10.1
Getmailbird Mailbird 2.9.50.0
Krylack Burning Suite 1.20.05
Krylack Rar Password Recovery 3.70.69
Krylack Volume Serial Number Editor 2.02.34
Krylack Zip Password Recovery 3.70.69
Krylack Asterisks Password Decryptor 3.31.107
Krylack Archive Password Recovery 3.70.69
Jpsoft Take Command 28.2.18
Jki Vi Package Manager 21.1.2754
Honeygain Honeygain 0.10.7.0
Guzogo Guzogo 1.0.5.0
Gamecaster Gamecaster 4.0.2109.2802
Gainedge Better Explorer 2020.3.15.1304
1 Github repository
7.8
CVSSv3
CVE-2023-31102
Ppmd7.c in 7-Zip prior to 23.00 allows an integer underflow and invalid read operation via a crafted 7Z archive.
7-zip 7-zip
Netapp Oncommand Workflow Automation -
Netapp Active Iq Unified Manager -
7.8
CVSSv3
CVE-2023-39137
An issue in Archive v3.3.7 allows malicious users to spoof zip filenames which can lead to inconsistent filename parsing.
Archive Project Archive 3.3.7
7.8
CVSSv3
CVE-2023-39139
An issue in Archive v3.3.7 allows malicious users to execute a path traversal via extracting a crafted zip file.
Archive Project Archive 3.3.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »