Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rarlab unrar vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-12938
UnRAR prior to 5.5.7 allows remote malicious users to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file.
Rarlab Unrar
4.3
CVSSv2
CVE-2017-14121
The DecodeNumber function in unrarlib.c in unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a NULL pointer dereference flaw triggered by a crafted RAR archive. NOTE: this may be the same as one of the several test cases in the CVE-2017-11189 references.
Rarlab Unrar 0.0.1
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2007-3726
Integer signedness error in the SET_VALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote malicious users to cause a denial of service (crash) via a crafted RAR archive that causes a negative signed nu...
Rarlab Unrar 3.70 Beta 3
NA
CVE-2022-48579
UnRAR prior to 6.2.3 allows extraction of files outside of the destination folder via symlink chains.
Rarlab Unrar
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2