Total
302268 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-7726 | 3 Canonical, Gdraheim, Redhat | 5 Ubuntu Linux, Zziplib, Enterprise Linux Desktop and 2 more | 2025-07-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused by the __zzip_parse_root_directory function of zip.c. Attackers could leverage this vulnerability to cause a denial of service via a crafted zip file. | |||||
| CVE-2018-17828 | 1 Gdraheim | 1 Zziplib | 2025-07-10 | 5.8 MEDIUM | 5.5 MEDIUM |
| Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file. | |||||
| CVE-2018-6869 | 3 Canonical, Debian, Gdraheim | 3 Ubuntu Linux, Debian Linux, Zziplib | 2025-07-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ZZIPlib 0.13.68, there is an uncontrolled memory allocation and a crash in the __zzip_parse_root_directory function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file. | |||||
| CVE-2018-6381 | 2 Canonical, Gdraheim | 2 Ubuntu Linux, Zziplib | 2025-07-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data. | |||||
| CVE-2017-5977 | 1 Gdraheim | 1 Zziplib | 2025-07-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted ZIP file. | |||||
| CVE-2017-5978 | 1 Gdraheim | 1 Zziplib | 2025-07-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ZIP file. | |||||
| CVE-2017-5979 | 1 Gdraheim | 1 Zziplib | 2025-07-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| The prescan_entry function in fseeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted ZIP file. | |||||
| CVE-2017-5976 | 2 Debian, Gdraheim | 2 Debian Linux, Zziplib | 2025-07-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| Heap-based buffer overflow in the zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file. | |||||
| CVE-2018-7727 | 2 Gdraheim, Redhat | 4 Zziplib, Enterprise Linux Desktop, Enterprise Linux Server and 1 more | 2025-07-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in ZZIPlib 0.13.68. There is a memory leak triggered in the function zzip_mem_disk_new in memdisk.c, which will lead to a denial of service attack. | |||||
| CVE-2018-6542 | 1 Gdraheim | 1 Zziplib | 2025-07-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ZZIPlib 0.13.67, there is a bus error (when handling a disk64_trailer seek value) caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. | |||||
| CVE-2020-18770 | 1 Gdraheim | 1 Zziplib | 2025-07-10 | N/A | 5.5 MEDIUM |
| An issue was discovered in function zzip_disk_entry_to_file_header in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service. | |||||
| CVE-2018-6540 | 2 Canonical, Gdraheim | 2 Ubuntu Linux, Zziplib | 2025-07-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file. | |||||
| CVE-2025-27736 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2025-07-10 | N/A | 5.5 MEDIUM |
| Exposure of sensitive information to an unauthorized actor in Windows Power Dependency Coordinator allows an authorized attacker to disclose information locally. | |||||
| CVE-2025-27735 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-07-10 | N/A | 6.0 MEDIUM |
| Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally. | |||||
| CVE-2024-32231 | 1 Stashapp | 1 Stash | 2025-07-10 | N/A | 6.3 MEDIUM |
| Stash up to v0.25.1 was discovered to contain a SQL injection vulnerability via the sort parameter. | |||||
| CVE-2025-27733 | 1 Microsoft | 7 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 4 more | 2025-07-10 | N/A | 7.8 HIGH |
| Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. | |||||
| CVE-2024-45993 | 1 Giflib Project | 1 Giflib | 2025-07-10 | N/A | 6.5 MEDIUM |
| Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb. | |||||
| CVE-2024-43346 | 1 Wow-company | 1 Modal Window | 2025-07-10 | N/A | 6.5 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wow-Company Modal Window allows Stored XSS.This issue affects Modal Window: from n/a through 6.0.3. | |||||
| CVE-2025-26664 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-07-10 | N/A | 6.5 MEDIUM |
| Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | |||||
| CVE-2024-45920 | 1 Solvait | 1 Solvait | 2025-07-10 | N/A | 5.4 MEDIUM |
| A Stored Cross-Site Scripting (XSS) vulnerability in Solvait 24.4.2 allows remote attackers to inject malicious scripts into the application. This issue arises due to insufficient input validation and sanitization in "Intrest" feature. | |||||