Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rarlab vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-20253
In WinRAR versions prior to and including 5.60, There is an out-of-bounds write vulnerability during parsing of a crafted LHA / LZH archive formats. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Rarlab Winrar
1 Github repository
5
CVSSv2
CVE-2017-12938
UnRAR prior to 5.5.7 allows remote malicious users to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file.
Rarlab Unrar
7.5
CVSSv2
CVE-2017-12941
libunrar.a in UnRAR prior to 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function.
Rarlab Unrar
7.5
CVSSv2
CVE-2017-12940
libunrar.a in UnRAR prior to 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function.
Rarlab Unrar
7.5
CVSSv2
CVE-2017-12942
libunrar.a in UnRAR prior to 5.5.7 has a buffer overflow in the Unpack::LongLZ function.
Rarlab Unrar
2.1
CVSSv2
CVE-2006-3912
Stack-based buffer overflow in the SFX module in WinRAR prior to 3.60 beta 8 has unspecified vectors and impact.
Rarlab Winrar 3.60 Beta8
3 EDB exploits
NA
CVE-2022-43650
This vulnerability allows remote malicious users to disclose sensitive information on affected installations of RARLAB WinRAR 6.11.0.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
Rarlab Winrar 6.11
4.3
CVSSv2
CVE-2007-3726
Integer signedness error in the SET_VALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote malicious users to cause a denial of service (crash) via a crafted RAR archive that causes a negative signed nu...
Rarlab Unrar 3.70 Beta 3
5.1
CVSSv2
CVE-2005-4474
Buffer overflow in the "Add to archive" command in WinRAR 3.51 allows user-assisted malicious users to cause a denial of service (crash) and possibly execute arbitrary code by tricking the user into adding a file whose filename contains a non-default code page and non-A...
Rarlab Winrar 3.51
10
CVSSv2
CVE-2012-6706
A VMSF_DELTA memory corruption exists in unrar prior to 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine prior to 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative va...
Sophos Threat Detection Engine
Rarlab Unrar
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »