Skip to main content
CVE-2015-8934 MEDIUM POC This Month

The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Information Disclosure Buffer Overflow Linux Enterprise Desktop Linux Enterprise Server +3
NVD GitHub
CVSS 3.0
5.5
EPSS
1.4%
CVE-2015-8932 MEDIUM POC This Month

The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Ubuntu Linux Debian Linux Linux Enterprise Desktop Linux Enterprise Server +2
NVD GitHub
CVSS 3.0
5.5
EPSS
0.6%
CVE-2015-8925 MEDIUM POC This Month

The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Information Disclosure Buffer Overflow Ubuntu Linux Libarchive +3
NVD GitHub
CVSS 3.0
5.5
EPSS
0.5%
CVE-2015-8915 MEDIUM POC This Month

bsdcpio in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read and crash) via crafted cpio file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Information Disclosure Buffer Overflow Libarchive
NVD GitHub
CVSS 3.0
5.5
EPSS
0.4%
CVE-2015-8926 MEDIUM POC This Month

The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Ubuntu Linux Linux Enterprise Desktop Linux Enterprise Server +2
NVD GitHub
CVSS 3.0
5.5
EPSS
0.4%
CVE-2015-8933 MEDIUM POC This Month

Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service Libarchive Linux Enterprise Desktop Linux Enterprise Server +2
NVD GitHub
CVSS 3.0
5.5
EPSS
0.3%
CVE-2015-8928 MEDIUM POC This Month

The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Information Disclosure Buffer Overflow Ubuntu Linux Libarchive +3
NVD GitHub
CVSS 3.0
5.5
EPSS
0.3%
CVE-2015-8929 MEDIUM POC This Month

Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Linux Enterprise Desktop Linux Enterprise Server Linux Enterprise Software Development Kit +1
NVD GitHub
CVSS 3.0
5.5
EPSS
0.3%
CVE-2015-8927 MEDIUM POC This Month

The trad_enc_decrypt_update function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap read and crash) via a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Information Disclosure Buffer Overflow Libarchive
NVD GitHub
CVSS 3.0
5.5
EPSS
0.2%
CVE-2015-8923 MEDIUM This Month

The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Libarchive Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Desktop Suse Linux Enterprise Server +1
NVD GitHub
CVSS 3.0
6.5
EPSS
2.6%
CVE-2015-8916 MEDIUM This Month

bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Ubuntu Linux Debian Linux Libarchive
NVD GitHub
CVSS 3.0
6.5
EPSS
1.2%
CVE-2015-8920 MEDIUM This Month

The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Buffer Overflow Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Desktop +3
NVD GitHub
CVSS 3.0
5.5
EPSS
0.6%
CVE-2015-8922 MEDIUM This Month

The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Libarchive Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Desktop +3
NVD GitHub
CVSS 3.0
5.5
EPSS
0.4%
CVE-2015-8924 MEDIUM This Month

The archive_read_format_tar_read_header function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Buffer Overflow Libarchive Suse Linux Enterprise Software Development Kit +3
NVD GitHub
CVSS 3.0
5.5
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy