Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rarlab vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-12940
libunrar.a in UnRAR prior to 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function.
Rarlab Unrar
9.8
CVSSv3
CVE-2017-12941
libunrar.a in UnRAR prior to 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function.
Rarlab Unrar
9.8
CVSSv3
CVE-2017-12942
libunrar.a in UnRAR prior to 5.5.7 has a buffer overflow in the Unpack::LongLZ function.
Rarlab Unrar
9.8
CVSSv3
CVE-2012-6706
A VMSF_DELTA memory corruption exists in unrar prior to 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine prior to 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative va...
Sophos Threat Detection Engine
Rarlab Unrar
9.1
CVSSv3
CVE-2017-14122
unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp.
Rarlab Unrar 0.0.1
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2023-38831
RARLAB WinRAR prior to 6.23 allows malicious users to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name ...
Rarlab Winrar
65 Github repositories
4 Articles
7.8
CVSSv3
CVE-2018-25018
UnRAR 5.6.1.7 up to and including 5.7.4 and 6.0.3 has an out-of-bounds write during a memcpy in QuickOpen::ReadRaw when called from QuickOpen::ReadNext.
Rarlab Unrar
Rarlab Unrar 6.0.3
7.8
CVSSv3
CVE-2017-20006
UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString (called from Unpack::Unpack5 and CmdExtract::ExtractCurrentFile).
Rarlab Unrar 5.6.1.2
Rarlab Unrar 5.6.1.3
7.8
CVSSv3
CVE-2018-20253
In WinRAR versions prior to and including 5.60, There is an out-of-bounds write vulnerability during parsing of a crafted LHA / LZH archive formats. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Rarlab Winrar
1 Github repository
7.8
CVSSv3
CVE-2018-20250
In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating ...
Rarlab Winrar
2 EDB exploits
21 Github repositories
5 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »