CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

RedhatCVE•added 2026/02/11 1:16 p.m.•4 views

CVE-2025-15570

A vulnerability was found in ckolivas lrzip up to 0.651. This impacts the function lzmadecompressbuf of the file stream.c. Performing a manipulation results in use after free. Attacking locally is a requirement. The exploit has been made public and could be used. The project was informed of the...

7.8CVSS5.1AI score0.00009EPSS

Exploits1References1

OSV•added 2026/02/10 2:16 p.m.•2 views

CVE-2025-15570

7.8CVSS5.6AI score

Exploits0References6

CVE•added 2026/02/10 1:2 p.m.•31 views

CVE-2025-15570

Summary (CVE-2025-15570): Affects ckolivas lrzip up to 0.651. The vulnerability is in the function lzma_decompress_buf of stream.c, where manipulation leads to a use-after-free. Local attack required. The exploit has been publicly released and could be used. The project was informed via an issue ...

7.8CVSS5.4AI score0.00009EPSS

Exploits1References7Affected Software1

CNNVD•added 2026/02/10 12:0 a.m.•2 views

lrzip 资源管理错误漏洞

lrzip is a compression utility personally developed by Con Kolivas. Versions of lrzip prior to 0.651 contained a resource management vulnerability, which stemmed from the use of the lzmadecompressbuf function, where memory was reclaimed and then reused...

7.8CVSS6AI score0.00009EPSS

Exploits1References7

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2021-14107

Malware in sbrugna...

5.5CVSS5.7AI score0.00232EPSS

Exploits1References4

RedhatCVE•added 2022/05/20 11:52 p.m.•26 views

CVE-2018-10685

In Long Range Zip aka lrzip 0.631, there is a use-after-free in the lzmadecompressbuf function of stream.c, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact...

9.8CVSS7.1AI score0.00559EPSS

Exploits1References1

Veracode•added 2022/04/14 8:34 a.m.•26 views

Use After Free

lrzip is vulnerable to after free. The vulnerability exits in lzmadecompressbuf function in stream.c in Irzip which allows attackers to cause a denial of service via a crafted compressed file...

5.5CVSS4AI score0.00232EPSS

Exploits1References3Affected Software2

Tenable Nessus•added 2021/12/08 12:0 a.m.•24 views

Ubuntu 18.04 LTS : Long Range ZIP vulnerabilities (USN-5171-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5171-1 advisory. It was discovered that Long Range ZIP incorrectly handled certain specially crafted lrz files. A remote attacker could possibly use this issue to cause a...

9.8CVSS6.8AI score0.00843EPSS

Exploits6References11

BDU FSTEC•added 2021/09/20 12:0 a.m.•1 views

The vulnerability of the lzma_decompress_buf function in the stream.c component of the Lrzip compression algorithm allows a hacker to cause a service failure after the memory is released.

The vulnerability of the lzmadecompressbuf function in the stream.c component of the Lrzip compression program relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a service failure through a specially created compressed file...

6.5CVSS0.00232EPSS

Exploits1References5Affected Software3

CNVD•added 2021/06/11 12:0 a.m.•5 views

Irzip Reuse After Release Vulnerability

Irzip is a compression utility that excels at compressing large files. A post-release reuse vulnerability exists in the lzmadecompressbuf function in stream.c in Irzip version 0.631, which can be exploited by an attacker to cause a denial of service via specially crafted compressed files...

5.5CVSS6.4AI score0.00232EPSS

Exploits1References1

OSV•added 2021/06/10 4:15 p.m.•0 views

DEBIAN-CVE-2021-27347