Lha
This hub aggregates every CVE we track for Lha, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
Operating Systemson-prem
5
CVEs tracked
3
Critical
0
High
0
In CISA KEV
Severity distribution
CRITICAL3MEDIUM2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 5 most recently published vulnerabilities affecting Lha.
- CVE-2004-0694Buffer overflow in LHA 1.14 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to "command line processing," a ...6.8
- CVE-2004-0745LHA 1.14 and earlier allows attackers to execute arbitrary commands via a directory with shell metacharacters in its name.10.0
- CVE-2004-0771Buffer overflow in the extract_one function from lhext.c in LHA may allow attackers to execute arbitrary code via a long w (working directory) command line option, a different issue than CVE-2004-0...10.0
- CVE-2004-0234Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbi...10.0
- CVE-2004-0235Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolut...6.4
Product normalization is registry-driven with AI assist and human review. How it works