Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
roller vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-4668
Directory traversal vulnerability in File Roller 3.6.x prior to 3.6.4, 3.8.x prior to 3.8.3, and 3.9.x prior to 3.9.3, when libarchive is used, allows remote malicious users to create arbitrary files via a crafted archive that is not properly handled in a "Keep directory str...
File Roller Project File Roller
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
4.3
CVSSv2
CVE-2021-33580
User controlled `request.getHeader("Referer")`, `request.getRequestURL()` and `request.getQueryString()` are used to build and run a regex expression. The attacker doesn't have to use a browser and may send a specially crafted Referer header programmatically. Since...
Apache Roller
NA
CVE-2023-37581
Insufficient input validation and sanitation in Weblog Category name, Website About and File Upload features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted use...
Apache Roller
2.6
CVSSv2
CVE-2020-36314
fr-archive-libarchive.c in GNOME file-roller up to and including 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue e...
Gnome File-roller
Fedoraproject Fedora 34
5.4
CVSSv2
CVE-2014-7087
The Top Roller Coasters Europe 1 (aka com.appaapps.top10tallesteuropeanrollercoasters1) application @7F050001 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a cr...
Appa-apps Top Roller Coasters Europe 1 \\@7f050001
5.4
CVSSv2
CVE-2014-7802
The Top Roller Coasters Europe 2 (aka com.appaapps.top10tallesteuropeanrollercoasters2) application @7F050001 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a cr...
Appa-apps Top Roller Coasters Europe 2 \\@7f050001
3.3
CVSSv2
CVE-2020-11736
fr-archive-libarchive.c in GNOME file-roller up to and including 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location.
Gnome File-roller
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
2.6
CVSSv2
CVE-2019-16680
An issue exists in GNOME file-roller prior to 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction.
Gnome File-roller
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2