8 matches found
CVE-2026-20215 ClamAV 7Zip File Format Processing Out-of-Bounds Memory Corruption Vulnerability
A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in 7z file...
GPT Academic path traversal vulnerability (CNVD-2025-22739)
GPT Academic is an interface that provides pragmatic interactions for LLM grand language models such as GPT/GLM. GPT Academic suffers from a path traversal vulnerability that stems from an unverified 7z file extraction, which can be exploited by an attacker to perform arbitrary file writes, leadi...
SUSE CVE-2015-8922
The readCodersInfo function in archivereadsupportformat7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted 7z file, related to the 7zfolder struct...
SUSE CVE-2016-1372
ClamAV aka Clam AntiVirus before 0.99.2 allows remote attackers to cause a denial of service application crash via a crafted 7z file...
CVE-2022-2463
Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. A crafted malicious .7z exchange file may allow an attacker to gain the privileges of the ISaGRAF Workbench software when opened. If the software is running at the SYSTEM leve...
The vulnerability of the application development environment for ISaGRAF Workbench programmable logic controllers arises from incorrect restrictions on the path name to the restricted access directory. This allows attackers to escalate their privileges.
The vulnerability in the development environment for ISaGRAF Workbench programmable logic controllers is related to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability could allow a attacker to increase their privileges using a specially...
DEBIAN-CVE-2016-1372
ClamAV aka Clam AntiVirus before 0.99.2 allows remote attackers to cause a denial of service application crash via a crafted 7z file...
UBUNTU-CVE-2016-1372
ClamAV aka Clam AntiVirus before 0.99.2 allows remote attackers to cause a denial of service application crash via a crafted 7z file...