Lucene search
K

157 matches found

Debian CVE
Debian CVE
added 2023/10/14 12:0 a.m.153 views

CVE-2023-45853

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an...

9.8CVSS8.1AI score0.02918EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/04/11 12:0 a.m.46 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : zlib Vulnerability (NS-SA-2023-0021)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has zlib packages installed that are affected by a vulnerability: - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches. CVE-2018-25032 Note that Nessus has no...

7.5CVSS7.1AI score0.51733EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.136 views

Amazon Linux 2023 : minizip-compat, minizip-compat-devel, zlib (ALAS2023-2023-003)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-003 advisory. An out-of-bounds access flaw was found in zlib, which allows memory corruption when deflating ex: when compressing if the input has many distant matches. For some rare inputs with a large numbe...

9.8CVSS7.1AI score0.51733EPSS
Exploits2References6
OpenVAS
OpenVAS
added 2023/03/09 12:0 a.m.17 views

CentOS: Security Advisory for minizip (CESA-2023:1095)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS10AI score0.1593EPSS
Exploits1References2
Cent OS
Cent OS
added 2023/03/08 4:30 p.m.707 views

minizip, zlib security update

CentOS Errata and Security Advisory CESA-2023:1095 An update for zlib is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS6.9AI score0.1593EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2022/05/14 12:0 a.m.23 views

CentOS: Security Advisory for minizip (CESA-2022:2213)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.6AI score0.51733EPSS
Exploits1References2
Cent OS
Cent OS
added 2022/05/13 5:32 p.m.488 views

minizip, zlib security update

CentOS Errata and Security Advisory CESA-2022:2213 An update for zlib is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.5CVSS6.7AI score0.51733EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2022/04/01 12:0 a.m.77 views

openSUSE 15 Security Update : zlib (openSUSE-SU-2022:1061-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:1061-1 advisory. - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches. CVE-2018-25032 Note that...

7.5CVSS7.1AI score0.51733EPSS
Exploits1References4
ossfuzz
ossfuzz
added 2020/06/16 10:46 p.m.20 views

minizip:unzip_fuzzer: Stack-buffer-overflow in crc32_z

Project: https://github.com/nmoinvaz/minizip.git Detailed Report: https://oss-fuzz.com/testcase?key=5766806240493568 Project: minizip Fuzzing Engine: libFuzzer Fuzz Target: unzipfuzzer Job Type: libfuzzerasani386minizip Platform Id: linux Crash Type: Stack-buffer-overflow READ 4 Crash Address:...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2020/06/16 6:51 p.m.57 views

minizip:unzip_fuzzer: Stack-buffer-overflow in crc32_z

Project: https://github.com/nmoinvaz/minizip.git Detailed Report: https://oss-fuzz.com/testcase?key=5737646432452608 Project: minizip Fuzzing Engine: afl Fuzz Target: unzipfuzzer Job Type: aflasanminizip Platform Id: linux Crash Type: Stack-buffer-overflow READ 4 Crash Address: 0x7ffe99ff1360 Cra...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2018/11/19 9:42 p.m.19 views

minizip/unzip_fuzzer: Index-out-of-bounds in BZ2_decompress

Project: https://github.com/nmoinvaz/minizip.git Detailed report: https://oss-fuzz.com/testcase?key=5714988497371136 Project: minizip Fuzzer: libFuzzerminizipunzipfuzzer Fuzz target binary: unzipfuzzer Job Type: libfuzzerubsanminizip Platform Id: linux Crash Type: Index-out-of-bounds Crash Addres...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2018/11/19 8:12 p.m.15 views

minizip/unzip_fuzzer: Use-of-uninitialized-value in mz_zip_entry_read_header

Project: https://github.com/nmoinvaz/minizip.git Detailed report: https://oss-fuzz.com/testcase?key=5707718795460608 Project: minizip Fuzzer: libFuzzerminizipunzipfuzzer Fuzz target binary: unzipfuzzer Job Type: libfuzzermsanminizip Platform Id: linux Crash Type: Use-of-uninitialized-value Crash...

6.8AI score
Exploits0Affected Software1
Prion
Prion
added 2018/01/16 7:29 p.m.10 views

Directory traversal

Directory traversal vulnerability in the doextractcurrentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive...

4.3CVSS7.2AI score0.04086EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2018/01/16 7:29 p.m.25 views

CVE-2014-9485

Directory traversal vulnerability in the doextractcurrentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive...

5.5CVSS6.2AI score0.04086EPSS
Exploits0References1
OSV
OSV
added 2018/01/16 7:29 p.m.3 views

DEBIAN-CVE-2014-9485

Directory traversal vulnerability in the doextractcurrentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive...

5.5CVSS7.1AI score0.04086EPSS
Exploits0References1
OSV
OSV
added 2018/01/16 7:29 p.m.5 views

UBUNTU-CVE-2014-9485

Directory traversal vulnerability in the doextractcurrentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive...

5.5CVSS6.2AI score0.04086EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2018/01/16 12:0 a.m.25 views

CVE-2014-9485

Directory traversal vulnerability in the doextractcurrentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive...

5.5CVSS5.5AI score0.04086EPSS
Exploits0
Rows per page
Query Builder