Lucene search
K

258 matches found

CVE
CVE
added 2020/01/31 10:0 p.m.308 views

CVE-2014-8139

CVE-2014-8139 is a vulnerability in Info-ZIP UnZip 6.0 and earlier, where a heap-based buffer overflow during CRC32 verification can be triggered by a crafted zip file, enabling code execution via unzip -t. Several Connected documents confirm this flaw is present in bundled/unzip implementations ...

7.8CVSS8.3AI score0.07448EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2020/01/31 10:0 p.m.29 views

CVE-2014-8139

Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...

7.8CVSS8AI score0.07448EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for unzip (EulerOS-SA-2019-2677)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.5AI score0.30469EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for zip (EulerOS-SA-2019-2059)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.03977EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.31 views

Huawei EulerOS: Security Advisory for unzip (EulerOS-SA-2019-1627)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6AI score0.02586EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.16 views

Huawei EulerOS: Security Advisory for zip (EulerOS-SA-2019-1812)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.03977EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/11/07 12:0 a.m.44 views

Amazon Linux 2 : unzip (ALAS-2019-1355)

Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.CVE-2018-18384 C Tenable Network Security, Inc. The descriptive text and packag...

5.5CVSS6.3AI score0.02586EPSS
Exploits1References2
Amazon
Amazon
added 2019/11/04 12:0 a.m.41 views

Low: unzip

Issue Overview: Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.CVE-2018-18384 Affected Packages: unzip Note: This advisory is...

5.5CVSS6.4AI score0.02586EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/10/15 12:0 a.m.36 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : unzip Vulnerability (NS-SA-2019-0192)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has unzip packages installed that are affected by a vulnerability: - Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size...

5.5CVSS6.4AI score0.02586EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/09/17 12:0 a.m.26 views

EulerOS Virtualization for ARM 64 3.0.2.0 : zip (EulerOS-SA-2019-1925)

According to the version of the zip package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - DISPUTED Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service...

9.8CVSS8.3AI score0.03977EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/09/16 12:0 a.m.27 views

EulerOS 2.0 SP2 : zip (EulerOS-SA-2019-1876)

According to the version of the zip package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service invalid free and application crash o...

9.8CVSS8.6AI score0.03977EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/07/25 12:0 a.m.29 views

EulerOS 2.0 SP8 : zip (EulerOS-SA-2019-1788)

According to the version of the zip package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service invalid free and application crash o...

9.8CVSS8.6AI score0.03977EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2019/07/08 6:51 a.m.34 views

CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

4CVSS2.5AI score0.00495EPSS
Exploits0References3
CNVD
CNVD
added 2019/07/05 12:0 a.m.0 views

Info-ZIP UnZip Denial of Service Vulnerability (CNVD-2019-21440)

Info-ZIP UnZip is the United States Greg Roelofs software developers of a set of Unix-based platform for the ".zip" file format for decompression tools. A security vulnerability exists in Info-ZIP UnZip version 6.0. An attacker could exploit this vulnerability to cause a denial of service...

3.3CVSS8.1AI score0.00495EPSS
Exploits0References1
NVD
NVD
added 2019/07/04 1:15 p.m.15 views

CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

3.3CVSS3.9AI score0.00495EPSS
Exploits0References7
OSV
OSV
added 2019/07/04 1:15 p.m.22 views

CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

3.3CVSS6.5AI score
Exploits0References7
OSV
OSV
added 2019/07/04 1:15 p.m.3 views

ALPINE-CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

3.3CVSS6.8AI score0.00495EPSS
Exploits0References1
OSV
OSV
added 2019/07/04 1:15 p.m.4 views

DEBIAN-CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

3.3CVSS6.4AI score0.00495EPSS
Exploits0References1
Prion
Prion
added 2019/07/04 1:15 p.m.27 views

Design/Logic Flaw

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

2.1CVSS3.8AI score0.00495EPSS
Exploits0References7Affected Software2
OSV
OSV
added 2019/07/04 1:15 p.m.5 views

UBUNTU-CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

7.5CVSS6.7AI score0.00495EPSS
Exploits0References4
Rows per page
Query Builder