Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
archive zip vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0602
Unzip 5.51 and previous versions does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges.
Info-zip Unzip
Info-zip Unzip 5.50
NA
CVE-2004-1010
Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote malicious users to execute arbitrary code via a ZIP file containing a long pathname.
Info-zip Zip 2.3
5.5
CVSSv3
CVE-2017-8843
The join_pthread function in stream.c in liblrzip.so in lrzip 0.631 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive.
Long Range Zip Project Long Range Zip 0.631
5.5
CVSSv3
CVE-2017-8847
The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive.
Long Range Zip Project Long Range Zip 0.631
8.8
CVSSv3
CVE-2016-2335
The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote malicious users to cause a denial of service (out-of-bounds read) or execute arbitrary code via the PartitionRef field in the Long Allocation Descriptor in a UDF file.
Opensuse Opensuse 13.2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7-zip 7-zip 9.20
7-zip 7-zip 15.05
1 Github repository
5.5
CVSSv3
CVE-2017-8842
The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a crafted archive.
Long Range Zip Project Long Range Zip 0.631
5.5
CVSSv3
CVE-2017-8845
The lzo1x_decompress function in lzo1x_d.ch in LZO 2.08, as used in lrzip 0.631, allows remote malicious users to cause a denial of service (invalid memory read and application crash) via a crafted archive.
Long Range Zip Project Long Range Zip 0.631
5.5
CVSSv3
CVE-2019-10654
The lzo1x_decompress function in liblzo2.so.2 in LZO 2.10, as used in Long Range Zip (aka lrzip) 0.631, allows remote malicious users to cause a denial of service (invalid memory read and application crash) via a crafted archive, a different vulnerability than CVE-2017-8845.
Long Range Zip Project Long Range Zip 0.631
7.8
CVSSv3
CVE-2017-17969
Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip prior to 18.00 and p7zip allows remote malicious users to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive.
7-zip 7-zip
7-zip P7zip
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
7.8
CVSSv3
CVE-2018-5996
Insufficient exception handling in the method NCompress::NRar3::CDecoder::Code of 7-Zip prior to 18.00 and p7zip can lead to multiple memory corruptions within the PPMd code, allows remote malicious users to cause a denial of service (segmentation fault) or execute arbitrary code...
7-zip 7-zip
7-zip P7zip
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »