12 matches found
EUVD-2025-21791
Malicious code in bioql PyPI...
CVE-2025-53817 GHSL-2025-059 - 7-Zip - Null pointer array write attempt in NArchive::NCom::CHandler::GetStream
7-Zip is a file archiver with a high compression ratio. 7-Zip supports extracting from Compound Documents. Prior to version 25.0.0, a null pointer dereference in the Compound handler may lead to denial of service. Version 25.0.0 contains a fix for the issue...
CVE-2025-53816 GHSL-2025-058 - 7-Zip Multi-byte write heap buffer overflow in NCompress::NRar5::CDecoder
7-Zip is a file archiver with a high compression ratio. Zeroes written outside heap buffer in RAR5 handler may lead to memory corruption and denial of service in versions of 7-Zip prior to 25.0.0. Version 25.0.0 contains a fix for the issue...
PT-2025-29940
Name of the Vulnerable Software and Affected Versions: 7-Zip versions prior to 25.0.0. Description: 7-Zip is a file archiver with a high compression ratio. A flaw exists in the RAR5 handler where writing zeroes outside of the heap buffer can cause memory corruption and denial of service...
CVE-2022-47112
7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected...
CVE-2025-0411
7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicio...
Fake 7-Zip Exploit Code Traced to AI-Generated Misinterpretation
A recent claim that a critical zero-day vulnerability existed in the popular open-source file archiver 7-Zip has been met with skepticism from the software's creator and other security researchers...
7-Zip Qcow Handler Infinite Loop Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the processin...
JADX file override vulnerability
Summary: when jadx parses a resource file, there is an escape problem with the style file, which can overwrite other files in the directory when saving the decompile result. Although I don't think this vulnerability realizes path traversal in the true sense of the word, I reported it anyway. Detai...
Arbitrary File Write
spring-integration-zip is vulnerable to arbitrary file write. The library is missing a path check during the unzipping process, allowing a malicious user to pass a file path outside the intended directory, which can then be used to write arbitrary files within a user application. This vulnerabili...
Express Zip 2.40 - Directory Traversal
Express Zip 2.40 - Directory Traversal !/usr/bin/python -w Title : Express Zip = 2.40 Path Traversal Date : 07/04/2016 Author : R-73eN Tested on : Windows Xp / Windows 7 Ultimate Software Link : http://www.nchsoftware.com/zip/ Download Link: http://www.nchsoftware.com/zip/zipplus.exe Vulnerable...
eZip Wizard 3.0 (.zip) SEH
No description provided by source. !/usr/bin/perl Software : eZip Wizard 3.0 .zip Author : Lincoln & corelanc0d3r Discovered by : fl0 fl0w Reference : http://www.exploit-db.com/exploits/8180 OS : Windows Tested on : XP SP3 En VirtualBox Type of vuln : SEH Greetz to : Corelan Security Team & fl0...