Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squashfs project squashfs vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2015-4646
(1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash-4.c in Squashfs and sasquatch allow remote malicious users to cause a denial of service (application crash) via a crafted input.
Squashfs Project Squashfs
605
VMScore
CVE-2012-4024
Stack-based buffer overflow in the get_component function in unsquashfs.c in unsquashfs in Squashfs 4.2 and previous versions allows remote malicious users to execute arbitrary code via a crafted list file (aka a crafted file for the -ef option). NOTE: probably in most cases, the...
Squashfs Project Squashfs
605
VMScore
CVE-2012-4025
Integer overflow in the queue_init function in unsquashfs.c in unsquashfs in Squashfs 4.2 and previous versions allows remote malicious users to execute arbitrary code via a crafted block_log field in the superblock of a .sqsh file, leading to a heap-based buffer overflow.
Squashfs Project Squashfs
383
VMScore
CVE-2015-4645
Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote malicious users to cause a denial of service (application crash) via a crafted input, which triggers a stack-based buffer overflow.
Squashfs Project Squashfs
Fedoraproject Fedora 21
Fedoraproject Fedora 22
516
VMScore
CVE-2021-41072
squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs ...
Squashfs-tools Project Squashfs-tools 4.5
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
516
VMScore
CVE-2021-40153
squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing...
Squashfs-tools Project Squashfs-tools 4.5
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started