Vulnerabilities > Rarlab
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-13 | CVE-2018-20253 | Out-Of-Bounds Write vulnerability in Rarlab Winrar In WinRAR versions prior to and including 5.60, There is an out-of-bounds write vulnerability during parsing of a crafted LHA / LZH archive formats. | 6.8 |
| 2019-02-05 | CVE-2018-20252 | Out-Of-Bounds Write vulnerability in Rarlab Winrar In WinRAR versions prior to and including 5.60, there is an out-of-bounds write vulnerability during parsing of crafted ACE and RAR archive formats. | 6.8 |
| 2019-02-05 | CVE-2018-20251 | Path Traversal vulnerability in Rarlab Winrar In WinRAR versions prior to and including 5.61, there is path traversal vulnerability when crafting the filename field of the ACE format. | 4.3 |
| 2019-02-05 | CVE-2018-20250 | Path Traversal vulnerability in Rarlab Winrar In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). | 6.8 |
| 2017-09-03 | CVE-2017-14122 | Out-Of-Bounds Read vulnerability in Rarlab Unrar 0.0.1 unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp. | 7.5 |
| 2017-09-03 | CVE-2017-14121 | Null Pointer Dereference vulnerability in Rarlab Unrar 0.0.1 The DecodeNumber function in unrarlib.c in unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a NULL pointer dereference flaw triggered by a specially crafted RAR archive. | 6.8 |
| 2017-09-03 | CVE-2017-14120 | Path Traversal vulnerability in Rarlab Unrar 0.0.1 unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a directory traversal vulnerability for RAR v2 archives: pathnames of the form ../[filename] are unpacked into the upper directory. | 5.0 |
| 2017-08-18 | CVE-2017-12942 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Rarlab Unrar libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function. | 7.5 |
| 2017-08-18 | CVE-2017-12941 | Out-Of-Bounds Read vulnerability in Rarlab Unrar libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function. | 7.5 |
| 2017-08-18 | CVE-2017-12940 | Out-Of-Bounds Read vulnerability in Rarlab Unrar libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function. | 7.5 |