Lucene search
+L

258 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2014-9913

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the listfiles function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service crash via vectors related to the...

4CVSS5.5AI score0.01453EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2015-7696

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash or possibly execute arbitrary code via...

6.8CVSS6.9AI score0.07184EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2018-18384

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size...

5.5CVSS6.3AI score0.02586EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2014-8139

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file ...

7.8CVSS7.5AI score0.07448EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2014-8140

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the testcompreb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip fil...

7.8CVSS7.5AI score0.07448EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.24 views

CBL Mariner 2.0 Security Update: unzip (CVE-2015-7696)

The version of unzip installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2015-7696 advisory. - Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service heap-based buffer over-read and...

6.8CVSS7AI score0.07184EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/02 12:0 a.m.13 views

CBL Mariner 2.0 Security Update: zip (CVE-2018-13410)

The version of zip installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2018-13410 advisory. - Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of...

9.8CVSS8.8AI score0.03977EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.21 views

RHEL 5 : unzip (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - unzip: Heap-based buffer overflow in fileio.c:UzpPassword function allows code execution CVE-2018-1000035...

7.8CVSS8.1AI score0.30469EPSS
Exploits3References9
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.29 views

RHEL 7 : unzip (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - unzip: Heap-based buffer overflow in fileio.c:UzpPassword function allows code execution CVE-2018-1000035...

7.8CVSS9.3AI score0.30469EPSS
Exploits2References5
Gentoo Linux
Gentoo Linux
added 2023/10/30 12:0 a.m.47 views

UnZip: Multiple Vulnerabilities

Background Info-ZIP’s UnZip is a tool to list and extract files inside PKZIP compressed files. Description Multiple vulnerabilities have been discovered in UnZip. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

5.5CVSS6.7AI score0.02421EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.16 views

Oracle Linux 8 : unzip (ELSA-2020-1787)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-1787 advisory. - Related: CVE-2019-13232 - Fix CVE-2019-13232 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

3.3CVSS6.4AI score0.00495EPSS
Exploits0References2
Broadcom
Broadcom
added 2023/08/29 12:0 a.m.31 views

Buffer overflow in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string

Buffer overflow in the charsettointern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8. Notes: Brocade SANnav contains the affected open source routines, but these...

7.5CVSS8AI score0.04898EPSS
Exploits2
F5 Networks
F5 Networks
added 2023/02/21 6:46 p.m.59 views

K80311892: InfoZIP vulnerability CVE-2019-13232

Security Advisory Description Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue. CVE-2019-13232 Impact Local users with administrative access to the BIG-IP Advanced Shell bash may be able...

3.3CVSS6.5AI score0.00495EPSS
Exploits0Affected Software16
SUSE CVE
SUSE CVE
added 2023/02/15 6:20 a.m.4 views

SUSE CVE-2004-1010

Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname...

10CVSS8.3AI score0.09246EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:25 a.m.3 views

SUSE CVE-2014-8140

Heap-based buffer overflow in the testcompreb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...

7.8CVSS8.4AI score0.07448EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:24 a.m.4 views

SUSE CVE-2014-9913

Buffer overflow in the listfiles function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service crash via vectors related to the compression method...

4CVSS7.1AI score0.01453EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:26 a.m.8 views

SUSE CVE-2018-13410

Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service invalid free and application crash or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in which an...

9.8CVSS7.8AI score0.03977EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:20 a.m.5 views

SUSE CVE-2018-1000032

A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution...

7.8CVSS8AI score0.01276EPSS
Exploits2References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:20 a.m.4 views

SUSE CVE-2018-1000031

A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution...

7.8CVSS8AI score0.01346EPSS
Exploits2References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:20 a.m.2 views

SUSE CVE-2018-1000034

An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory...

9.1CVSS6.8AI score0.01445EPSS
Exploits2References4
Rows per page
Query Builder