Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zziplib vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-5974
Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote malicious users to cause a denial of service (crash) via a crafted ZIP file.
Zziplib Project Zziplib 0.13.56
Zziplib Project Zziplib 0.13.57
Zziplib Project Zziplib 0.13.58
Zziplib Project Zziplib 0.13.59
Zziplib Project Zziplib 0.13.60
Zziplib Project Zziplib 0.13.61
Zziplib Project Zziplib 0.13.62
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 Github repository
4.3
CVSSv2
CVE-2017-5975
Heap-based buffer overflow in the __zzip_get64 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote malicious users to cause a denial of service (crash) via a crafted ZIP file.
Zziplib Project Zziplib 0.13.56
Zziplib Project Zziplib 0.13.57
Zziplib Project Zziplib 0.13.58
Zziplib Project Zziplib 0.13.59
Zziplib Project Zziplib 0.13.60
Zziplib Project Zziplib 0.13.61
Zziplib Project Zziplib 0.13.62
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2017-5976
Heap-based buffer overflow in the zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote malicious users to cause a denial of service (crash) via a crafted ZIP file.
Zziplib Project Zziplib 0.13.56
Zziplib Project Zziplib 0.13.57
Zziplib Project Zziplib 0.13.58
Zziplib Project Zziplib 0.13.59
Zziplib Project Zziplib 0.13.60
Zziplib Project Zziplib 0.13.61
Zziplib Project Zziplib 0.13.62
Debian Debian Linux 8.0
Debian Debian Linux 9.0
9.3
CVSSv2
CVE-2007-1614
Stack-based buffer overflow in the zzip_open_shared_io function in zzip/file.c in ZZIPlib Library prior to 0.13.49 allows user-assisted remote malicious users to cause a denial of service (application crash) or execute arbitrary code via a long filename.
Zziplib Zziplib
4.3
CVSSv2
CVE-2018-16548
An issue exists in ZZIPlib up to and including 0.13.69. There is a memory leak triggered in the function __zzip_parse_root_directory in zip.c, which will lead to a denial of service attack.
Zziplib Project Zziplib
4.3
CVSSv2
CVE-2017-5980
The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file.
Zziplib Project Zziplib 0.13.62
4.3
CVSSv2
CVE-2017-5981
seeko.c in zziplib 0.13.62 allows remote malicious users to cause a denial of service (assertion failure and crash) via a crafted ZIP file.
Zziplib Project Zziplib 0.13.62
5.8
CVSSv2
CVE-2018-17828
Directory traversal vulnerability in ZZIPlib 0.13.69 allows malicious users to overwrite arbitrary files via a .. (dot dot) in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file.
Zziplib Project Zziplib 0.13.69
NA
CVE-2020-18770
An issue exists in function zzip_disk_entry_to_file_header in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service.
Zziplib Project Zziplib 0.13.69
4.3
CVSSv2
CVE-2018-6542
In ZZIPlib 0.13.67, there is a bus error (when handling a disk64_trailer seek value) caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c.
Zziplib Project Zziplib 0.13.67
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »