Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unrar vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-12941
libunrar.a in UnRAR prior to 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function.
Rarlab Unrar
9.8
CVSSv3
CVE-2017-12940
libunrar.a in UnRAR prior to 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function.
Rarlab Unrar
9.8
CVSSv3
CVE-2017-12942
libunrar.a in UnRAR prior to 5.5.7 has a buffer overflow in the Unpack::LongLZ function.
Rarlab Unrar
7.5
CVSSv3
CVE-2017-12938
UnRAR prior to 5.5.7 allows remote malicious users to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file.
Rarlab Unrar
7.8
CVSSv3
CVE-2017-6419
mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file.
Libmspack Project Libmspack 0.5
5.5
CVSSv3
CVE-2017-11423
The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote malicious users to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file.
Libmspack Project Libmspack 0.5
6.5
CVSSv3
CVE-2017-11189
unrarlib.c in unrar-free 0.0.1 might allow remote malicious users to cause a denial of service (NULL pointer dereference and application crash), which could be relevant if unrarlib is used as library code for a long-running application. NOTE: one of the several test cases in the ...
Rarzilla Unrar-free 0.0.1
7.8
CVSSv3
CVE-2017-11190
unrarlib.c in unrar-free 0.0.1, when _DEBUG_LOG mode is enabled, might allow remote malicious users to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via an RAR archive containing a long filename.
Rarzilla Unrar-free 0.0.1
9.8
CVSSv3
CVE-2012-6706
A VMSF_DELTA memory corruption exists in unrar prior to 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine prior to 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative va...
Sophos Threat Detection Engine
Rarlab Unrar
NA
CVE-2008-1568
comix 3.6.4 allows malicious users to execute arbitrary commands via a filename containing shell metacharacters that are not properly sanitized when executing the rar, unrar, or jpegtran programs.
Comix Comix 3.6.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »