Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rarlab vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-36052
RARLAB WinRAR prior to 7.00, on Windows, allows malicious users to spoof the screen output via ANSI escape sequences, a different issue than CVE-2024-33899.
NA
CVE-2023-40477
RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability ...
2 Github repositories
2 Articles
NA
CVE-2024-33899
RARLAB WinRAR prior to 7.00, on Linux and UNIX platforms, allows malicious users to spoof the screen output, or cause a denial of service, via ANSI escape sequences.
NA
CVE-2024-30370
RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability. This vulnerability allows remote malicious users to bypass the Mark-Of-The-Web protection mechanism on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must p...
NA
CVE-2023-38831
RARLAB WinRAR prior to 6.23 allows malicious users to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name ...
Rarlab Winrar
65 Github repositories
4 Articles
NA
CVE-2022-48579
UnRAR prior to 6.2.3 allows extraction of files outside of the destination folder via symlink chains.
Rarlab Unrar
NA
CVE-2022-43650
This vulnerability allows remote malicious users to disclose sensitive information on affected installations of RARLAB WinRAR 6.11.0.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
Rarlab Winrar 6.11
5
CVSSv2
CVE-2022-30333
RARLAB UnRAR prior to 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
Rarlab Unrar
2 Metasploit modules
4 Github repositories
1 Article
6.8
CVSSv2
CVE-2017-20006
UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString (called from Unpack::Unpack5 and CmdExtract::ExtractCurrentFile).
Rarlab Unrar 5.6.1.2
Rarlab Unrar 5.6.1.3
6.8
CVSSv2
CVE-2018-25018
UnRAR 5.6.1.7 up to and including 5.7.4 and 6.0.3 has an out-of-bounds write during a memcpy in QuickOpen::ReadRaw when called from QuickOpen::ReadNext.
Rarlab Unrar
Rarlab Unrar 6.0.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »