Vulnerabilities > Rarlab

DATE CVE VULNERABILITY TITLE RISK
2019-02-13 CVE-2018-20253 Out-Of-Bounds Write vulnerability in Rarlab Winrar
In WinRAR versions prior to and including 5.60, There is an out-of-bounds write vulnerability during parsing of a crafted LHA / LZH archive formats.
network
rarlab CWE-787
6.8
2019-02-05 CVE-2018-20252 Out-Of-Bounds Write vulnerability in Rarlab Winrar
In WinRAR versions prior to and including 5.60, there is an out-of-bounds write vulnerability during parsing of crafted ACE and RAR archive formats.
network
rarlab CWE-787
6.8
2019-02-05 CVE-2018-20251 Path Traversal vulnerability in Rarlab Winrar
In WinRAR versions prior to and including 5.61, there is path traversal vulnerability when crafting the filename field of the ACE format.
network
rarlab CWE-22
4.3
2019-02-05 CVE-2018-20250 Path Traversal vulnerability in Rarlab Winrar
In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll).
network
rarlab CWE-22
6.8
2017-09-03 CVE-2017-14122 Out-Of-Bounds Read vulnerability in Rarlab Unrar 0.0.1
unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp.
network
low complexity
rarlab CWE-125
7.5
2017-09-03 CVE-2017-14121 Null Pointer Dereference vulnerability in Rarlab Unrar 0.0.1
The DecodeNumber function in unrarlib.c in unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a NULL pointer dereference flaw triggered by a specially crafted RAR archive.
network
rarlab CWE-476
6.8
2017-09-03 CVE-2017-14120 Path Traversal vulnerability in Rarlab Unrar 0.0.1
unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a directory traversal vulnerability for RAR v2 archives: pathnames of the form ../[filename] are unpacked into the upper directory.
network
low complexity
rarlab CWE-22
5.0
2017-08-18 CVE-2017-12942 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Rarlab Unrar
libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function.
network
low complexity
rarlab CWE-119
7.5
2017-08-18 CVE-2017-12941 Out-Of-Bounds Read vulnerability in Rarlab Unrar
libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function.
network
low complexity
rarlab CWE-125
7.5
2017-08-18 CVE-2017-12940 Out-Of-Bounds Read vulnerability in Rarlab Unrar
libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function.
network
low complexity
rarlab CWE-125
7.5