Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
roller vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-4668
Directory traversal vulnerability in File Roller 3.6.x prior to 3.6.4, 3.8.x prior to 3.8.3, and 3.9.x prior to 3.9.3, when libarchive is used, allows remote malicious users to create arbitrary files via a crafted archive that is not properly handled in a "Keep directory str...
File Roller Project File Roller
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
7.5
CVSSv3
CVE-2021-33580
User controlled `request.getHeader("Referer")`, `request.getRequestURL()` and `request.getQueryString()` are used to build and run a regex expression. The attacker doesn't have to use a browser and may send a specially crafted Referer header programmatically. Since...
Apache Roller
5.4
CVSSv3
CVE-2023-37581
Insufficient input validation and sanitation in Weblog Category name, Website About and File Upload features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted use...
Apache Roller
3.9
CVSSv3
CVE-2020-36314
fr-archive-libarchive.c in GNOME file-roller up to and including 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue e...
Gnome File-roller
Fedoraproject Fedora 34
NA
CVE-2014-7087
The Top Roller Coasters Europe 1 (aka com.appaapps.top10tallesteuropeanrollercoasters1) application @7F050001 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a cr...
Appa-apps Top Roller Coasters Europe 1 \\@7f050001
NA
CVE-2014-7802
The Top Roller Coasters Europe 2 (aka com.appaapps.top10tallesteuropeanrollercoasters2) application @7F050001 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a cr...
Appa-apps Top Roller Coasters Europe 2 \\@7f050001
3.9
CVSSv3
CVE-2020-11736
fr-archive-libarchive.c in GNOME file-roller up to and including 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location.
Gnome File-roller
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
4.3
CVSSv3
CVE-2019-16680
An issue exists in GNOME file-roller prior to 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction.
Gnome File-roller
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2