Vulnerabilities > 7 ZIP > P7Zip > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-31 | CVE-2018-5996 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Insufficient exception handling in the method NCompress::NRar3::CDecoder::Code of 7-Zip before 18.00 and p7zip can lead to multiple memory corruptions within the PPMd code, allows remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive. | 6.8 |
| 2018-01-30 | CVE-2017-17969 | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive. | 6.8 |
| 2016-11-12 | CVE-2016-9296 | NULL Pointer Dereference vulnerability in 7-Zip P7Zip 16.02 A null pointer dereference bug affects the 16.02 and many old versions of p7zip. | 5.0 |
| 2015-01-21 | CVE-2015-1038 | Link Following vulnerability in multiple products p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive. | 5.8 |