35 matches found
EUVD-2022-55186
Malicious code in bioql PyPI...
CVE-2022-4976
Archive::Unzip::Burst from 0.01 through 0.09 for Perl contains a bundled InfoZip library that is affected by several vulnerabilities. The bundled library is affected by CVE-2014-8139, CVE-2014-8140 and CVE-2014-8141...
CVE-2022-4976 Archive::Unzip::Burst from 0.01 through 0.09 for Perl contains a bundled InfoZip library that is affected by several vulnerabilities
Archive::Unzip::Burst from 0.01 through 0.09 for Perl contains a bundled InfoZip library that is affected by several vulnerabilities. The bundled library is affected by CVE-2014-8139, CVE-2014-8140 and CVE-2014-8141...
CVE-2022-4976 Archive::Unzip::Burst from 0.01 through 0.09 for Perl contains a bundled InfoZip library that is affected by several vulnerabilities
Archive::Unzip::Burst from 0.01 through 0.09 for Perl contains a bundled InfoZip library that is affected by several vulnerabilities. The bundled library is affected by CVE-2014-8139, CVE-2014-8140 and CVE-2014-8141...
CBL Mariner 2.0 Security Update: unzip (CVE-2014-8140)
The version of unzip installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2014-8140 advisory. - Heap-based buffer overflow in the testcompreb function in Info-ZIP UnZip 6.0 and earlier allows remote attacke...
CVE-2014-8140 affecting package unzip for versions less than 6.0-20
CVE-2014-8140 affecting package unzip for versions less than 6.0-20. A patched version of the package is available...
K16480: Multiple unzip vulnerabilities CVE-2014-8139, CVE-2014-8140, and CVE-2014-8141
Security Advisory Description CVE-2014-8139 A buffer overflow flaw was found in the way unzip computed the CRC32 checksum of certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash when the archive was tested with unzip's '-t' option. CVE-2014-8140 An integer...
Slackware: Security Advisory (SSA:2019-060-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-8140 affecting package unzip for versions less than 6.0-19
CVE-2014-8140 affecting package unzip for versions less than 6.0-19. A patched version of the package is available...
SUSE: Security Advisory (SUSE-SU-2015:0070-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:0026-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-8140 affecting package unzip 6.0-19
CVE-2014-8140 affecting package unzip 6.0-19. A patched version of the package is available...
Photon OS 1.0: Unzip PHSA-2020-1.0-0281
An update of the unzip package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0281. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid134208...
CVE-2014-8140
CVE-2014-8140 affects Info-ZIP UnZip 6.0 and earlier. The issue is a heap-based buffer overflow in the test_compr_eb function that can be triggered by a crafted ZIP file passed to unzip with the -t option, potentially allowing remote code execution. Several connected advisories confirm the same u...
CVE-2014-8140
Heap-based buffer overflow in the testcompreb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...
Security Bulletin: Multiple Unzip vulnerabilities affect PowerKVM (Multiple CVEs)
Summary PowerKVM is affected by several vulnerabilities in OpenSSL. Vulnerability Details CVEID: CVE-2014-8139 DESCRIPTION: Info-ZIP UnZip is vulnerable to a heap-based buffer overflow, caused by improper bounds checking within the CRC32 verification. A lo CVSS Base Score: 4.4 CVSS Temporal Score...
Security Bulletin: Vulnerabilities in unzip affect IBM Security Network Protection (CVE-2014-8139, CVE-2014-8140, CVE-2014-8141, and CVE-2014-9636 )
Summary The unzip utility is used to list, test, or extract files from a zip archive. Security vulnerabilities have been discovered in unzip used with IBM Security Network Protection. Vulnerability Details CVE ID: CVE-2014-8139 DESCRIPTION: Info-ZIP UnZip is vulnerable to a heap-based buffer...
Oracle: Security Advisory (ELSA-2015-0700)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
F5 Networks BIG-IP : Multiple unzip vulnerabilities (SOL16480)
A buffer overflow flaw was found in the way unzip computed the CRC32 checksum of certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash when the archive was tested with unzip's '-t' option. C Tenable Network Security, Inc. The descriptive text and package check...
Amazon Linux AMI : unzip (ALAS-2015-504)
A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unzip's '-t' option. CVE-2014-9636 A buffer overflow flaw was found in the way...