cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-0411,https://securityvulnerability.io/vulnerability/CVE-2025-0411,Mark-of-the-Web Bypass Vulnerability in 7-Zip by 7-Zip,"A vulnerability exists in 7-Zip that permits attackers to bypass the Mark-of-the-Web protection mechanism when extracting files from specially crafted archives. This flaw enables the extraction process to omit security markers, potentially allowing malicious files to execute arbitrary code with the privileges of the current user. User interaction is necessary, as this exploitation occurs only when a user opens a specially crafted file or visits a malicious webpage. It is recommended to update to the latest version of 7-Zip to mitigate risks associated with this vulnerability.",7-zip,7-zip,7,HIGH,0.004019999876618385,true,2025-02-06T00:00:00.000Z,true,true,true,2025-01-22T23:40:34.000Z,true,true,true,2025-02-05T15:52:02.416Z,2025-01-25T04:28:24.270Z,11821
CVE-2024-11477,https://securityvulnerability.io/vulnerability/CVE-2024-11477,Remote Code Execution Vulnerability in 7-Zip's Decompression Implementation,"A security flaw in the Zstandard decompression function of 7-Zip exposes installations to the risk of arbitrary code execution due to insufficient validation of user-supplied data. This integer underflow issue occurs when processing specially crafted input, allowing remote attackers to potentially execute malicious code within the context of the affected application. Exploitation requires interaction with the vulnerable library, leading to significant security concerns for users of 7-Zip. Affected users are encouraged to review their systems and apply available patches promptly to mitigate the risk.",7-zip,7-zip,7.8,HIGH,0.00044999999227002263,false,,true,false,true,2024-11-25T07:20:39.000Z,true,true,true,2024-11-27T09:52:02.482Z,2024-11-22T20:22:33.278Z,16211