Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unzip project unzip 6.0 vulnerabilities and exploits
(subscribe to this query)
606
VMScore
CVE-2015-7696
Info-ZIP UnZip 6.0 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value.
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Unzip Project Unzip 6.0
605
VMScore
CVE-2014-8141
Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and previous versions allows remote malicious users to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
Unzip Project Unzip
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Tus 6.6
Redhat Enterprise Linux Server Eus 6.6
Redhat Enterprise Linux Server Tus 7.7
605
VMScore
CVE-2014-8139
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and previous versions allows remote malicious users to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
Unzip Project Unzip
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.6
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 6.6
Redhat Enterprise Linux Server Eus 6.6
Redhat Enterprise Linux Server Eus 7.7
605
VMScore
CVE-2014-8140
Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and previous versions allows remote malicious users to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
Unzip Project Unzip
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.6
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 6.6
Redhat Enterprise Linux Server Eus 6.6
Redhat Enterprise Linux Server Eus 7.7
605
VMScore
CVE-2018-1000035
A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an malicious user to perform a denial of service or to possibly achieve code execution.
Unzip Project Unzip
384
VMScore
CVE-2022-0529
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an malicious user to input a specially crafted zip file, leading to a crash or code execution.
Unzip Project Unzip 6.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Github repositories
384
VMScore
CVE-2022-0530
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an malicious user to input a specially crafted zip file, leading to a crash or code execution.
Unzip Project Unzip 6.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 35
Apple Mac Os X
Apple Mac Os X 10.15.7
Apple Macos
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Github repositories
383
VMScore
CVE-2018-18384
Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.
Unzip Project Unzip 6.0
383
VMScore
CVE-2015-7697
Info-ZIP UnZip 6.0 allows remote malicious users to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Unzip Project Unzip 6.0
1 Github repository
187
VMScore
CVE-2019-13232
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a "better zip bomb" issue.
Unzip Project Unzip 6.0
Debian Debian Linux 8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »