Lucene search
K

173 matches found

OSV
OSV
added 2020/01/31 10:15 p.m.23 views

CVE-2014-8140

Heap-based buffer overflow in the testcompreb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...

7.8CVSS7.8AI score
Exploits0References5
Prion
Prion
added 2020/01/31 10:15 p.m.26 views

Heap overflow

Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...

6.8CVSS9.8AI score0.07448EPSS
Exploits0References4Affected Software7
Prion
Prion
added 2020/01/31 10:15 p.m.22 views

Heap overflow

Heap-based buffer overflow in the testcompreb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...

6.8CVSS9.8AI score0.07448EPSS
Exploits0References4Affected Software7
AlpineLinux
AlpineLinux
added 2020/01/31 10:8 p.m.52 views

CVE-2014-8141

Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...

7.8CVSS8.4AI score0.07448EPSS
Exploits0
Debian CVE
Debian CVE
added 2020/01/31 10:8 p.m.31 views

CVE-2014-8141

Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...

7.8CVSS7.9AI score0.07448EPSS
Exploits0
Debian CVE
Debian CVE
added 2020/01/31 10:0 p.m.25 views

CVE-2014-8139

Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...

7.8CVSS8AI score0.07448EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for unzip (EulerOS-SA-2019-2677)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.5AI score0.30469EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for unzip (EulerOS-SA-2019-1627)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6AI score0.02586EPSS
Exploits1References2
OSV
OSV
added 2020/01/14 2:15 p.m.4 views

CVE-2020-5196

Cerberus FTP Server Enterprise Edition prior to versions 11.0.3 and 10.0.18 allows an authenticated attacker to create files, display hidden files, list directories, and list files without the permission to zip and download or unzip and upload files. There are multiple ways to bypass certain...

8.1CVSS7.3AI score0.01204EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2019/11/07 12:0 a.m.44 views

Amazon Linux 2 : unzip (ALAS-2019-1355)

Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.CVE-2018-18384 C Tenable Network Security, Inc. The descriptive text and packag...

5.5CVSS6.3AI score0.02586EPSS
Exploits1References2
Amazon
Amazon
added 2019/11/04 12:0 a.m.41 views

Low: unzip

Issue Overview: Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.CVE-2018-18384 Affected Packages: unzip Note: This advisory is...

5.5CVSS6.4AI score0.02586EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/10/15 12:0 a.m.36 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : unzip Vulnerability (NS-SA-2019-0192)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has unzip packages installed that are affected by a vulnerability: - Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size...

5.5CVSS6.4AI score0.02586EPSS
Exploits1References2
CNVD
CNVD
added 2019/07/05 12:0 a.m.0 views

Info-ZIP UnZip Denial of Service Vulnerability (CNVD-2019-21440)

Info-ZIP UnZip is the United States Greg Roelofs software developers of a set of Unix-based platform for the ".zip" file format for decompression tools. A security vulnerability exists in Info-ZIP UnZip version 6.0. An attacker could exploit this vulnerability to cause a denial of service...

3.3CVSS8.1AI score0.00495EPSS
Exploits0References1
NVD
NVD
added 2019/07/04 1:15 p.m.14 views

CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

3.3CVSS3.9AI score0.00495EPSS
Exploits0References7
OSV
OSV
added 2019/07/04 1:15 p.m.2 views

DEBIAN-CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

3.3CVSS6.4AI score0.00495EPSS
Exploits0References1
OSV
OSV
added 2019/07/04 1:15 p.m.3 views

ALPINE-CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

3.3CVSS6.8AI score0.00495EPSS
Exploits0References1
OSV
OSV
added 2019/07/04 1:15 p.m.4 views

UBUNTU-CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

7.5CVSS6.7AI score0.00495EPSS
Exploits0References4
Cvelist
Cvelist
added 2019/07/04 12:3 p.m.20 views

CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

3.9AI score0.00495EPSS
Exploits0References7
AlpineLinux
AlpineLinux
added 2019/07/04 12:3 p.m.44 views

CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue...

3.3CVSS4.2AI score0.00495EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2019/07/02 12:0 a.m.2 views

PT-2019-5050 · Info Zip +4 · Info-Zip Unzip +4

Name of the Vulnerable Software and Affected Versions: Info-ZIP UnZip version 6.0 Description: The issue is related to the mishandling of overlapping files inside a ZIP container, which can lead to denial of service due to resource consumption, also known as a "better zip bomb" issue. Additionall...

7.8CVSS5.5AI score0.30469EPSS
Exploits5References66
Rows per page
Query Builder