25 matches found
EUVD-2006-6867
Malware in sbrugna...
EUVD-2008-3428
Malware in sbrugna...
EUVD-2025-13392
Malicious code in bioql PyPI...
EUVD-2025-2096
Malicious code in bioql PyPI...
EUVD-2024-49610
Malicious code in bioql PyPI...
CVE-2008-3442
WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...
CVE-2025-33028
In WinZip through 29.0, there is a Mark-of-the-Web Bypass Vulnerability because of an incomplete fix for CVE-2024-8811. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this...
CVE-2025-33028
In WinZip through 29.0, there is a Mark-of-the-Web Bypass Vulnerability because of an incomplete fix for CVE-2024-8811. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this...
CVE-2025-33028
In WinZip through 29.0, there is a Mark-of-the-Web Bypass Vulnerability because of an incomplete fix for CVE-2024-8811. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this...
PT-2025-16367 · Winzip · Winzip
Name of the Vulnerable Software and Affected Versions: WinZip versions prior to 29.0 Description: The issue is related to the handling of archived files in WinZip, allowing attackers to bypass the Mark-of-the-Web protection mechanism. This can be exploited when a user extracts files from a crafte...
CVE-2025-33028
WinZip
CVE-2025-33028
In WinZip through 29.0, there is a Mark-of-the-Web Bypass Vulnerability because of an incomplete fix for CVE-2024-8811. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this...
CVE-2025-1240
WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or op...
CVE-2025-1240
Summary: CVE-2025-1240 corresponds to a WinZip 7Z file parsing vulnerability that enables remote code execution via an out-of-bounds/write within the 7Z parser. The issue stems from insufficient validation of user-supplied data, potentially allowing code execution in the affected process. Exploit...
CVE-2025-1240 WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or op...
CVE-2025-1240 WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or op...
WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 7Z files. Th...
PT-2024-6334 · Winzip · Winzip
Name of the Vulnerable Software and Affected Versions: WinZip versions prior to 29.0 Description: The issue is related to a Mark-of-the-Web Bypass Vulnerability in WinZip, allowing remote attackers to bypass the Mark-of-the-Web protection mechanism. This can be exploited when a user opens a...
WinZip Mark-of-the-Web Bypass Vulnerability
This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
VulnCheck KEV: CVE-2006-6884
Buffer overflow in the WZFILEVIEW.FileViewCtrl.61 ActiveX control aka Sky Software "FileView" ActiveX control for WinZip 10.0 Build 6667 allows remote attackers to execute arbitrary code via a long argument to the CreateNewFolderFromName method, a different vulnerability than CVE-2006-5198...