27 matches found
EUVD-2008-3428
Malware in sbrugna...
EUVD-2006-6867
Malware in sbrugna...
EUVD-2025-2096
Malicious code in bioql PyPI...
EUVD-2024-49610
Malicious code in bioql PyPI...
EUVD-2025-13392
Malicious code in bioql PyPI...
CVE-2008-3442
WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...
The vulnerability of the WinZip archive processor relates to the inclusion of a function for processing tags from an unreliable source within the software. This allows attackers to bypass Windows security mechanisms and execute arbitrary code.
The vulnerability of the WinZip archive processor is related to the inclusion of a function for processing “MotW” tags in the software. Exploiting this vulnerability allows an attacker to bypass Windows security mechanisms and execute arbitrary code during the decompression of an archive that...
CVE-2025-33028
In WinZip through 29.0, there is a Mark-of-the-Web Bypass Vulnerability because of an incomplete fix for CVE-2024-8811. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this...
CVE-2025-33028
In WinZip through 29.0, there is a Mark-of-the-Web Bypass Vulnerability because of an incomplete fix for CVE-2024-8811. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this...
CVE-2025-33028
In WinZip through 29.0, there is a Mark-of-the-Web Bypass Vulnerability because of an incomplete fix for CVE-2024-8811. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this...
CVE-2025-33028
WinZip
CVE-2025-33028
In WinZip through 29.0, there is a Mark-of-the-Web Bypass Vulnerability because of an incomplete fix for CVE-2024-8811. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this...
PT-2025-16367 · Winzip · Winzip
Name of the Vulnerable Software and Affected Versions: WinZip versions prior to 29.0 Description: The issue is related to the handling of archived files in WinZip, allowing attackers to bypass the Mark-of-the-Web protection mechanism. This can be exploited when a user extracts files from a crafte...
CVE-2025-1240
WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or op...
CVE-2025-1240 WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or op...
CVE-2025-1240 WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or op...
CVE-2025-1240
Summary: CVE-2025-1240 corresponds to a WinZip 7Z file parsing vulnerability that enables remote code execution via an out-of-bounds/write within the 7Z parser. The issue stems from insufficient validation of user-supplied data, potentially allowing code execution in the affected process. Exploit...
WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 7Z files. Th...
The vulnerability of the WinZip archive processor relates to the possibility of bypassing security mechanisms, allowing attackers to execute arbitrary code.
The vulnerability of the WinZip archive processor relates to the ability to bypass security mechanisms. Exploiting this vulnerability allows a perpetrator to execute arbitrary code, provided that the user opens a specially crafted file or accesses a specially crafted link...
WinZip Mark-of-the-Web Bypass Vulnerability
This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...