Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
archiver vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2019-10743
All versions of archiver allow malicious user to perform a Zip Slip attack via the "unarchive" functions. It is exploited using a specially crafted zip archive, that holds path traversal filenames. When exploited, a filename in a malicious archive is concatenated to the...
Archiver Project Archiver
5.5
CVSSv3
CVE-2018-1002207
mholt/archiver golang package before e4ef56d48eb029648b0e895bb0b6a393ef0829c3 is vulnerable to directory traversal, allowing malicious users to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. This vulnerability is also ...
Archiver Project Archiver
9.8
CVSSv3
CVE-2021-29281
File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation of Telerik Web UI plugin which is affected by CVE-2014-2217, and CVE-2017-11317.
Gfi Archiver
9.1
CVSSv3
CVE-2018-25046
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
Cloudfoundry Archiver
NA
CVE-2006-1611
Directory traversal vulnerability in KGB Archiver prior to 1.1.5.22 allows remote malicious users to overwrite arbitrary files wile decompressing an archive, possibly due to directory traversal sequences in a filename.
Kgb Archiver
NA
CVE-2007-3375
Stack-based buffer overflow in Lhaca File Archiver prior to 1.21 allows user-assisted remote malicious users to execute arbitrary code via a crafted LZH archive, as exploited by malware such as Trojan.Lhdropper.
Lhaca File Archiver
6.1
CVSSv3
CVE-2018-20369
Barracuda Message Archiver 2018 has XSS in the error_msg exception-handling value for the ldap_user parameter to the cgi-mod/ldap_load_entry.cgi module. The injection point of the issue is the Add_Update module.
Barracuda Message Archiver 2018
9.8
CVSSv3
CVE-2023-37460
Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified `Archiver`/`UnArchiver` API. Prior to version 4.8.0, using AbstractUnArchiver for extracting an archive might lead to an arbitrary file creation and possibly ...
Codehaus-plexus Plexus-archiver
6.1
CVSSv3
CVE-2019-10685
A Reflected Cross Site Scripting (XSS) Vulnerability exists in Heidelberg Prinect Archiver v2013 release 1.0.
Heidelberg Prinect Archiver 2013
1 EDB exploit
1 Github repository
NA
CVE-2007-3512
Stack-based buffer overflow in Lhaca File Archiver prior to 1.22 allows user-assisted remote malicious users to execute arbitrary code via a large LHA "Extended Header Size" value in an LZH archive, a different issue than CVE-2007-3375.
Wakwak Lhaca File Archiver
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »