Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
winrar vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-38831
RARLAB WinRAR prior to 6.23 allows malicious users to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name ...
Rarlab Winrar
62 Github repositories
3 Articles
605
VMScore
CVE-2018-20252
In WinRAR versions prior to and including 5.60, there is an out-of-bounds write vulnerability during parsing of crafted ACE and RAR archive formats. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Rarlab Winrar
1 Github repository
605
VMScore
CVE-2018-20253
In WinRAR versions prior to and including 5.60, There is an out-of-bounds write vulnerability during parsing of a crafted LHA / LZH archive formats. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Rarlab Winrar
1 Github repository
383
VMScore
CVE-2018-20251
In WinRAR versions prior to and including 5.61, there is path traversal vulnerability when crafting the filename field of the ACE format. The UNACE module (UNACEV2.dll) creates files and folders as written in the filename field even when WinRAR validator noticed the traversal att...
Rarlab Winrar
1 Github repository
454
VMScore
CVE-2005-4474
Buffer overflow in the "Add to archive" command in WinRAR 3.51 allows user-assisted malicious users to cause a denial of service (crash) and possibly execute arbitrary code by tricking the user into adding a file whose filename contains a non-default code page and non-A...
Rarlab Winrar 3.51
NA
CVE-2022-43650
This vulnerability allows remote malicious users to disclose sensitive information on affected installations of RARLAB WinRAR 6.11.0.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
Rarlab Winrar 6.11
225
VMScore
CVE-2006-3912
Stack-based buffer overflow in the SFX module in WinRAR prior to 3.60 beta 8 has unspecified vectors and impact.
Rarlab Winrar 3.60 Beta8
3 EDB exploits
NA
CVE-2024-30370
RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability. This vulnerability allows remote malicious users to bypass the Mark-Of-The-Web protection mechanism on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must p...
NA
CVE-2023-40477
This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
2 Github repositories
1 Article
409
VMScore
CVE-2021-35052
A component in Kaspersky Password Manager could allow an malicious user to elevate a process Integrity level from Medium to High.
Kaspersky Password Manager
Kaspersky Password Manager 9.0.2
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »