Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
LibarchiveLibarchive

68 matches found

CVE
CVEadded 2017/04/03 5:59 a.m.83 views

CVE-2016-10209

The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file.

5.5CVSS5.8AI score0.00226EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.82 views

CVE-2015-8919

The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file.

7.5CVSS7.3AI score0.0637EPSS
CVE
CVEadded 2017/02/15 7:59 p.m.80 views

CVE-2016-8688

The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) bid_entry function in libarchive/archive_read_sup...

5.5CVSS5.9AI score0.00226EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.79 views

CVE-2015-8930

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself.

7.5CVSS7.5AI score0.04803EPSS
CVE
CVEadded 2024/10/10 2:15 a.m.79 views

CVE-2024-48957

execute_filter_audio in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst.

7.8CVSS7AI score0.00018EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.78 views

CVE-2015-8923

The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file.

6.5CVSS6.7AI score0.02186EPSS
CVE
CVEadded 2015/03/15 7:59 p.m.76 views

CVE-2015-2304

Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive.

6.4CVSS7.4AI score0.02978EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.74 views

CVE-2015-8925

The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing.

5.5CVSS6.2AI score0.00506EPSS
CVE
CVEadded 2013/09/30 10:55 p.m.71 views

CVE-2013-0211

Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion ...

5CVSS7.7AI score0.01196EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.71 views

CVE-2015-8916

bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file.

6.5CVSS6.9AI score0.00901EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.68 views

CVE-2015-8918

The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy."

7.5CVSS7AI score0.02038EPSS
CVE
CVEadded 2025/03/28 3:15 p.m.68 views

CVE-2024-48615

Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pax_extension at rchive_read_support_format_tar.c:1844:8.

7.5CVSS7.2AI score0.00099EPSS
CVE
CVEadded 2025/06/09 8:15 p.m.65 views

CVE-2025-5914

A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, en...

9.8CVSS8.1AI score0.00039EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.61 views

CVE-2015-8929

Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file.

5.5CVSS5.8AI score0.00271EPSS
CVE
CVEadded 2020/10/15 3:15 p.m.61 views

CVE-2020-21674

Heap-based buffer overflow in archive_string_append_from_wcs() (archive_string.c) in libarchive-3.4.1dev allows remote attackers to cause a denial of service (out-of-bounds write in heap memory resulting into a crash) via a crafted archive file. NOTE: this only affects users who downloaded the deve...

6.5CVSS6.6AI score0.00915EPSS
CVE
CVEadded 2019/04/23 3:29 a.m.60 views

CVE-2019-11463

A memory leak in archive_read_format_zip_cleanup in archive_read_support_format_zip.c in libarchive 3.3.4-dev allows remote attackers to cause a denial of service via a crafted ZIP file because of a HAVE_LZMA_H typo. NOTE: this only affects users who downloaded the development code from GitHub. Use...

5.5CVSS5.4AI score0.00196EPSS
CVE
CVEadded 2016/09/21 2:25 p.m.55 views

CVE-2016-4301

Stack-based buffer overflow in the parse_device function in archive_read_support_format_mtree.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a crafted mtree file.

7.8CVSS8AI score0.0144EPSS
CVE
CVEadded 2016/09/20 2:15 p.m.42 views

CVE-2015-8927

The trad_enc_decrypt_update function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted zip file, related to reading the password.

5.5CVSS5.4AI score0.00222EPSS
Total number of security vulnerabilities68