8 matches found
EUVD-2026-41083
A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in 7z file...
CVE-2026-6340
Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13, 11.4.x = 11.4.3 fail to validate 7zip archive structure before processing which allows an authenticated attacker to cause server memory exhaustion and denial of service via uploading a specially crafted 7zip file with excessive folder...
SUSE CVE-2015-8922
The readCodersInfo function in archivereadsupportformat7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted 7z file, related to the 7zfolder struct...
SUSE CVE-2016-1372
ClamAV aka Clam AntiVirus before 0.99.2 allows remote attackers to cause a denial of service application crash via a crafted 7z file...
DEBIAN-CVE-2022-44900
A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file...
Yi Home Camera Code Execution Vulnerability (CNVD-2018-22813)
Yi Home Camera is an IoT home camera sold worldwide. A code execution vulnerability exists in the firmware update function of the Yi Home Camera 27US 1.8.7.0D. An attacker can cause a CRC conflict by inserting an SD card and exploiting the vulnerability via a specially crafted 7-Zip file, which c...
CVE-2018-3920
An exploitable code execution vulnerability exists in the firmware update functionality of the Yi Home Camera 27US 1.8.7.0D. A specially crafted 7-Zip file can cause a CRC collision, resulting in a firmware update and code execution. An attacker can insert an SDcard to trigger this vulnerability...
UBUNTU-CVE-2016-1372
ClamAV aka Clam AntiVirus before 0.99.2 allows remote attackers to cause a denial of service application crash via a crafted 7z file...