Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Unzip ProjectUnzip6.0

10 matches found

CVE
CVEadded 2022/02/09 11:15 p.m.336 views

CVE-2022-0530

A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.

5.5CVSS5.3AI score0.00123EPSS
CVE
CVEadded 2022/02/09 11:15 p.m.334 views

CVE-2022-0529

A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.

5.5CVSS5.3AI score0.00236EPSS
CVE
CVEadded 2019/07/04 1:15 p.m.327 views

CVE-2019-13232

Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a "better zip bomb" issue.

3.3CVSS3.8AI score0.00085EPSS
CVE
CVEadded 2022/08/24 4:15 p.m.293 views

CVE-2021-4217

A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.

3.3CVSS3.9AI score0.00138EPSS
CVE
CVEadded 2018/10/16 4:50 p.m.238 views

CVE-2018-18384

Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.

5.5CVSS5AI score0.03023EPSS
CVE
CVEadded 2015/02/06 3:59 p.m.126 views

CVE-2014-9636

unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression.

5CVSS7.3AI score0.59304EPSS
CVE
CVEadded 2015/11/06 6:59 p.m.114 views

CVE-2015-7696

Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value.

6.8CVSS6.6AI score0.31998EPSS
CVE
CVEadded 2015/11/06 6:59 p.m.111 views

CVE-2015-7697

Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.

4.3CVSS5.1AI score0.25148EPSS
CVE
CVEadded 2017/01/18 5:59 p.m.103 views

CVE-2014-9913

Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method.

4CVSS4.1AI score0.0331EPSS
CVE
CVEadded 2017/01/18 5:59 p.m.95 views

CVE-2016-9844

Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via a large compression method value in the central directory file header.

4CVSS4.2AI score0.10974EPSS