CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for...

7.8CVSS7.9AI score0.00044EPSS

Exploits0References2

ATTACKERKB•added 2023/09/22 5:15 a.m.•2 views

CVE-2023-43766

7.8CVSS5.9AI score0.00044EPSS

Exploits0References3

Prion•added 2023/09/22 5:15 a.m.•25 views

Design/Logic Flaw

4.3CVSS7.8AI score0.00044EPSS

Exploits0References2Affected Software7

Cvelist•added 2023/09/22 12:0 a.m.•17 views

CVE-2023-43766

8.1AI score0.00044EPSS

Exploits0References2

Vulnrichment•added 2023/09/22 12:0 a.m.•14 views

CVE-2023-43766

7.3AI score0.00044EPSS

Exploits0References2

CVE•added 2023/09/22 12:0 a.m.•43 views

CVE-2023-43766

This CVE (CVE-2023-43766) affects multiple WithSecure products, including Client Security 15, Server Security 15, Email and Server Security 15, Elements Endpoint Protection 17 and later, Client Security for Mac 15, Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0, Linux P...

7.8CVSS7.8AI score0.00044EPSS

Exploits0References2Affected Software2

CNNVD•added 2023/09/22 12:0 a.m.•1 views

WithSecure products Security breaches

WithSecure products is a line of security software from the Finnish company WithSecure. A security vulnerability exists in WithSecure products, which originates in the lhz archive unpack handler program that allows a local user to perform a denial of service on a system and bypass security...

7.8CVSS6.3AI score0.00044EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 6:14 a.m.•1 views

SUSE CVE-2006-4338

unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent attackers to cause a denial of service infinite loop via a crafted GZIP archive...

5CVSS6.7AI score0.04679EPSS

Exploits1References4

Japan Vulnerability Notes•added 2008/05/20 3:0 p.m.•0 views

Lhaca LHZ Archive Extended Header Size Processing Buffer Overflow Vulnerability

Overview Lhaca does not process an LHZ archive with an invalid Extended Header Size properly, which could lead to buffer overflow. This problem is reported to be different from the issue identified in JVNDB-2007-000492 CVE-2007-3375. Impact An attacker could execute arbitrary code. Solution Pleas...

9.3CVSS7.2AI score0.09954EPSS

Exploits0References6

NVD•added 2006/09/19 9:7 p.m.•16 views

CVE-2006-4337

Buffer overflow in the maketable function in the LHZ component in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted decoding table in a GZIP archive...

7.5CVSS7.3AI score0.10293EPSS

Exploits1References55

NVD•added 2006/09/19 9:7 p.m.•19 views

CVE-2006-4338

unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent attackers to cause a denial of service infinite loop via a crafted GZIP archive...

5CVSS5.9AI score0.04679EPSS

Exploits1References57

Debian CVE•added 2006/09/19 9:0 p.m.•28 views

CVE-2006-4337

Buffer overflow in the maketable function in the LHZ component in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted decoding table in a GZIP archive...

7.5CVSS7.4AI score0.10293EPSS

Exploits1

Cvelist•added 2006/09/19 9:0 p.m.•20 views

CVE-2006-4337

Buffer overflow in the maketable function in the LHZ component in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted decoding table in a GZIP archive...

7.2AI score0.10293EPSS

Exploits1References55

CVE•added 2006/09/19 9:0 p.m.•86 views

CVE-2006-4337

Consolidated data confirms CVE-2006-4337: In gzip 1.3.5, the LZH decompression path (make_table in unlzh.c) contains a buffer/array handling bug that enables arbitrary code execution when users decompress a crafted GZIP archive. Public reports describe a buffer overflow/stack issues in LZH code l...

7.5CVSS7.2AI score0.10293EPSS

Exploits1References55Affected Software1

Cvelist•added 2006/09/19 9:0 p.m.•22 views

CVE-2006-4338

unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent attackers to cause a denial of service infinite loop via a crafted GZIP archive...

5.8AI score0.04679EPSS

Exploits1References57

RedHat Linux•added 2006/09/19 2:25 p.m.•1 views

security flaw

unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent attackers to cause a denial of service infinite loop via a crafted GZIP archive...

5CVSS5.8AI score0.04679EPSS

Exploits1References4

UbuntuCve•added 2006/09/19 12:0 a.m.•33 views

CVE-2006-4338

unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent attackers to cause a denial of service infinite loop via a crafted GZIP archive...

5CVSS5.9AI score0.04679EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by