← Back

7 Zip

7-zip

25 CVEs • 2 products

Products (2)

Click to collapse
Toggle
7 Zip
7-zip
22 CVEs
P7zip
p7zip
5 CVEs

CVEs (25)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2016-9296
17 Zip
1P7zip
May 6, 2026
Nov 12, 2016
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A null pointer dereference bug affects the 16.02 and many old versions of p7zip. A lack of null pointer check for the variable folders.PackPositions in function CInArchive::ReadAndDecodePackedStreams in CPP/7zip/Archive/...Show more
A null pointer dereference bug affects the 16.02 and many old versions of p7zip. A lack of null pointer check for the variable folders.PackPositions in function CInArchive::ReadAndDecodePackedStreams in CPP/7zip/Archive/7z/7zIn.cpp, as used in the 7z.so library and in 7z applications, will cause a crash and a denial of service when decoding malformed 7z files.Show less
CVE-2016-2335
37 Zip
DebianOpensuse
37 Zip
Debian LinuxOpensuse
May 6, 2026
Jun 7, 2016
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote attackers to cause a denial of service (out-of-bounds read) or execute arbitrary code via the PartitionRef...Show more
The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote attackers to cause a denial of service (out-of-bounds read) or execute arbitrary code via the PartitionRef field in the Long Allocation Descriptor in a UDF file.Show less
CVE-2015-1038
37 Zip
FedoraprojectOracle
3Fedora
P7zipSolaris
May 6, 2026
Jan 21, 2015
N/A· v4
N/A· v3
5.8 MEDIUM· v2
p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
CVE-2008-6536
17 Zip
17 Zip
Apr 23, 2026
Mar 30, 2009
N/A· v4
N/A· v3
10.0 HIGH· v2
Unspecified vulnerability in 7-zip before 4.5.7 has unknown impact and remote attack vectors, as demonstrated by the PROTOS GENOME test suite for Archive Formats (c10).
CVE-2007-4725
17 Zip
17 Zip
Apr 23, 2026
Sep 5, 2007
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Stack consumption vulnerability in AkkyWareHOUSE 7-zip32.dll before 4.42.00.04, as derived from Igor Pavlov 7-Zip before 4.53 beta, allows user-assisted remote attackers to execute arbitrary code via a long filename in a...Show more
Stack consumption vulnerability in AkkyWareHOUSE 7-zip32.dll before 4.42.00.04, as derived from Igor Pavlov 7-Zip before 4.53 beta, allows user-assisted remote attackers to execute arbitrary code via a long filename in an archive, leading to a heap-based buffer overflow.Show less