CVE-2018-7727 |
AVG-612 |
Low |
No |
Denial of service |
A memory leak was found in unzip-mem.c and unzzip-mem.c of ZZIPlib before 0.13.69, that could lead to resource exhaustion. Local attackers could leverage... |
CVE-2018-7726 |
AVG-612 |
Medium |
Yes |
Denial of service |
An improper input validation was found in function __zzip_fetch_disk_trailer of ZZIPlib before 0.13.69, that could lead to a crash in... |
CVE-2018-7725 |
AVG-612 |
Medium |
Yes |
Denial of service |
An out of bounds read was found in function zzip_disk_fread of ZZIPlib before 0.13.69, when ZZIPlib mem_disk functionality is used. Remote attackers could... |
CVE-2018-6869 |
AVG-667 |
Medium |
Yes |
Denial of service |
An uncontrolled memory allocation was found in ZZIPlib before 0.13.68 that could lead to a crash in the __zzip_parse_root_directory function of zzip/zip.c.... |
CVE-2018-6542 |
AVG-667 |
Low |
No |
Denial of service |
In ZZIPlib 0.13.67, there is a bus error (when handling a disk64_trailer seek value) caused by loading of a misaligned address in the zzip_disk_findfirst... |
CVE-2018-6541 |
AVG-667 |
Medium |
Yes |
Denial of service |
In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address (when handling disk64_trailer local entries) in __zzip_fetch_disk_trailer... |
CVE-2018-6540 |
AVG-667 |
Medium |
Yes |
Denial of service |
In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers... |
CVE-2018-6484 |
AVG-667 |
Low |
No |
Denial of service |
An unaligned memory access bug was found in the way ZZIPlib handled ZIP files. This flaw could potentially be used to crash the application using ZZIPlib by... |
CVE-2018-6381 |
AVG-667 |
Medium |
No |
Denial of service |
In ZZIPlib 0.13.67, there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable... |
CVE-2017-5981 |
AVG-191 |
Medium |
Yes |
Denial of service |
seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (assertion failure and crash) via a crafted ZIP file. |
CVE-2017-5980 |
AVG-591 |
Medium |
Yes |
Denial of service |
The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash)... |
CVE-2017-5979 |
AVG-191 |
Medium |
Yes |
Denial of service |
The prescan_entry function in fseeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a... |
CVE-2017-5978 |
AVG-273 |
Medium |
Yes |
Denial of service |
The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a... |
CVE-2017-5977 |
AVG-273 |
Medium |
Yes |
Denial of service |
The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (invalid memory read and crash)... |
CVE-2017-5976 |
AVG-191 |
High |
Yes |
Arbitrary code execution |
Heap-based buffer overflow in the zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service... |
CVE-2017-5975 |
AVG-191 |
High |
Yes |
Arbitrary code execution |
Heap-based buffer overflow in the __zzip_get64 function in fetch.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (crash) via a... |
CVE-2017-5974 |
AVG-191 |
High |
Yes |
Arbitrary code execution |
Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (crash) via a... |