Vulnerabilities > 7 ZIP > P7Zip

DATE CVE VULNERABILITY TITLE RISK
2023-08-22 CVE-2022-47069 Out-of-bounds Write vulnerability in 7-Zip P7Zip 16.02
p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCd(bool) at CPP/7zip/Archive/Zip/ZipIn.cpp.
local
low complexity
7-zip CWE-787
7.8
2018-01-31 CVE-2018-5996 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Insufficient exception handling in the method NCompress::NRar3::CDecoder::Code of 7-Zip before 18.00 and p7zip can lead to multiple memory corruptions within the PPMd code, allows remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive.
network
7-zip debian CWE-119
6.8
2018-01-30 CVE-2017-17969 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive.
network
7-zip debian CWE-787
6.8
2016-11-12 CVE-2016-9296 NULL Pointer Dereference vulnerability in 7-Zip P7Zip 16.02
A null pointer dereference bug affects the 16.02 and many old versions of p7zip.
network
low complexity
7-zip CWE-476
5.0
2015-01-21 CVE-2015-1038 Link Following vulnerability in multiple products
p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
5.8