CVE-2018-10172

7-Zip through 18.01 on Windows implements the "Large memory pages" option by calling the LsaAddAccountRights function to add the SeLockMemoryPrivilege privilege to the user's account, which makes it easier for attackers to bypass intended access restrictions by using this privilege in the context...

EUVD-2018-17761

Malware in sbrugna...

EUVD-2008-6503

Malware in sbrugna...

EUVD-2023-45052

Malicious code in bioql PyPI...

EUVD-2024-33917

Malicious code in bioql PyPI...

EUVD-2022-49887

Malicious code in bioql PyPI...

CVE-2025-53817

CVE-2025-53817 (7-Zip) : A null pointer dereference in the Compound document handler of 7-Zip prior to version 25.0.0 can cause denial of service when processing Compound Documents. Connected sources confirm the issue and that version 25.0.0 contains the fix. Affected component is the Compound ha...

CVE-2025-53816 GHSL-2025-058 - 7-Zip Multi-byte write heap buffer overflow in NCompress::NRar5::CDecoder

7-Zip is a file archiver with a high compression ratio. Zeroes written outside heap buffer in RAR5 handler may lead to memory corruption and denial of service in versions of 7-Zip prior to 25.0.0. Version 25.0.0 contains a fix for the issue...

CVE-2025-53816

7-Zip is a file archiver with a high compression ratio. Zeroes written outside heap buffer in RAR5 handler may lead to memory corruption and denial of service in versions of 7-Zip prior to 25.0.0. Version 25.0.0 contains a fix for the issue...

Exploit for Protection Mechanism Failure in 7-Zip

CVE-2025-0411 — 7-Zip Mark-of-the-Web MoTW Bypass 🚨 ---...

CVE-2022-29072

7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the HelpContents area. This is caused by misconfiguration of 7z.dll and a heap overflow. The command runs in a child process under the 7zFM.exe process. NOTE: multiple...

About Remote Code Execution – 7-Zip (BDU:2025-01793) vulnerability

About Remote Code Execution - 7-Zip BDU:2025-01793 vulnerability. It's about the fact that files unpacked using 7-Zip don't get the Mark-of-the-Web. As a result, Windows security mechanisms don't block the execution of the unpacked malware. If you remember, there was a similar vulnerability in...

CVE-2022-47112

7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected...

CVE-2022-47112

7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected...

CVE-2022-47111

7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserved bits. Some later versions are unaffected...

Exploit for Protection Mechanism Failure in 7-Zip

🚀 7-Zip-CVE-2025-0411-POC Repository Welcome to the official...

Exploit for Protection Mechanism Failure in 7-Zip

7-Zip-CVE-2025-0411-POC CVE-2025-0411 Details "This vuln...

7-Zip Mark of the Web Bypass Vulnerability

7-Zip contains a protection mechanism failure vulnerability that allows remote attackers to bypass the Mark-of-the-Web security feature to execute arbitrary code in the context of the current user...

About Remote Code Execution – 7-Zip (CVE-2025-0411) vulnerability

About Remote Code Execution - 7-Zip CVE-2025-0411 vulnerability. 7-Zip is a popular, free, open-source archiver widely used by organizations as a standard tool for managing archives. The vulnerability is a bypass of the Mark-of-the-Web mechanism. If you download and run a suspicious executable fi...

CVE-2025-0411

7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicio...