CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2014-1754

Malware in sbrugna...

6.9CVSS6.4AI score0.00055EPSS

Exploits3References6

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-14686

Malicious code in bioql PyPI...

7.8CVSS6.6AI score0.00122EPSS

Exploits0References2

RedhatCVE•added 2025/04/17 2:19 a.m.•9 views

CVE-2025-33027

In Bandisoft Bandizip through 7.37, there is a Mark-of-the-Web Bypass Vulnerability. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Bandizip. User interaction is required to exploit this vulnerability in that the target must vis...

7.8CVSS7.1AI score0.00122EPSS

Exploits0References1

NVD•added 2025/04/15 6:15 p.m.•12 views

CVE-2025-33027

7.8CVSS0.00122EPSS

Exploits0References2

OSV•added 2025/04/15 6:15 p.m.•3 views

CVE-2025-33027

7.8CVSS6.1AI score0.00122EPSS

Exploits0References2

Positive Technologies•added 2025/04/15 12:0 a.m.•1 views

PT-2025-16366 · Bandizip · Bandizip

Name of the Vulnerable Software and Affected Versions: Bandizip versions 7.37 and earlier Description: A Mark-of-the-Web Bypass Vulnerability exists in Bandizip, allowing attackers to bypass the Mark-of-the-Web protection mechanism on affected installations. User interaction is required to exploi...

7.8CVSS6.7AI score0.00122EPSS

Exploits0References9

CNNVD•added 2025/04/15 12:0 a.m.•2 views

Bandisoft Bandizip 安全漏洞

Bandisoft Bandizip is a ZIP archive manager from the Korean company Bandisoft. A security vulnerability exists in Bandisoft Bandizip 7.37 and earlier versions, which stems from a Mark-of-the-Web protection mechanism bypass that could lead to the execution of arbitrary code...

7.8CVSS6.9AI score0.00122EPSS

Exploits0References3

Cvelist•added 2025/04/15 12:0 a.m.•8 views

CVE-2025-33027

6.1CVSS0.00122EPSS

Exploits0References2

CVE•added 2025/04/15 12:0 a.m.•75 views

CVE-2025-33027

CVE-2025-33027 concerns Bandizip up to version 7.37 where a Mark-of-the-Web bypass exists in the handling of archived files. When extracting crafted archives bearing MoW, Bandizip fails to propagate the marker to extracted files, potentially allowing arbitrary code execution in the current user c...

7.8CVSS6.8AI score0.00122EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2025/04/15 12:0 a.m.•5 views

CVE-2025-33027

6.1CVSS6.8AI score0.00122EPSS

Exploits0References2

CNVD•added 2021/01/20 12:0 a.m.•5 views

Bandizip software suffers from dll hijacking vulnerability

Bandizip is a reliable and fast compression software. Bandizip software suffers from a dll hijacking vulnerability that can be exploited by attackers to gain privileges on the victim's host...

7.3AI score

Exploits0

CNVD•added 2018/09/28 12:0 a.m.•1 views

Denial of Service Vulnerability in Bandizip

Bandizip is a compressed package processing tool. A denial of service vulnerability exists in Bandizip. An attacker can exploit the vulnerability to process malformed zip archives malformed BMP images inside the archive which can cause the program to crash, and if successfully exploited can lead ...

7.7AI score

Exploits0

seebug.org•added 2014/02/19 12:0 a.m.•57 views

Bandizip不安全库加载漏洞

CVECAN ID: CVE-2014-1680 Bandizip是免费的轻量级Zip压缩软件。 Bandisoft Bandizip 3.10之前版本加载库（例如dwmapi.dll的方式不安全，攻击者通过诱使用户打开远程WebDAV或SMB共享上的文件，利用此漏洞可加载任意库。 0 bandisoft Bandizip 3.08 厂商补丁： bandisoft --------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.bandisoft.com/bandizip/history/ / Exploit Title: Bandizip...

6.9CVSS6.5AI score0.00055EPSS

Exploits3

NVD•added 2014/02/14 1:10 p.m.•11 views

CVE-2014-1680

Untrusted search path vulnerability in Bandisoft Bandizip before 3.10 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory...

6.9CVSS6.4AI score0.00055EPSS

Exploits3References4

Prion•added 2014/02/14 1:10 p.m.•18 views

Design/Logic Flaw

Untrusted search path vulnerability in Bandisoft Bandizip before 3.10 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory...

6.9CVSS6.9AI score0.00055EPSS

Exploits3References4Affected Software1

CVE•added 2014/02/14 2:0 a.m.•51 views

CVE-2014-1680

CVE-2014-1680 affects Bandizip (Bandisoft) prior to version 3.10. The vulnerability is a DLL hijacking/unsafe library loading issue where an attacker can place a dwmapi.dll in the current working directory, enabling local privilege escalation. The root cause is untrusted search path loading of an...

6.9CVSS6.7AI score0.00055EPSS

Exploits3References4Affected Software1

Cvelist•added 2014/02/14 2:0 a.m.•19 views

CVE-2014-1680

Untrusted search path vulnerability in Bandisoft Bandizip before 3.10 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory...

6.4AI score0.00055EPSS

Exploits3References4

Packet Storm•added 2014/02/08 12:0 a.m.•23 views

Bandizip 3.09 Crash Proof Of Concept

!/usr/bin/env ruby Exploit Title: Bandizip 3.09 .zip Crash POC Date: February 6th 2014 Author: Osanda Malith Jayathissa E-Mail: osandajayathissagmail.com Version: 3.09 32bit and 64bit Below versions might be affected Vendor Homepage: http://www.bandisoft.com/ Tested on: Windows XP 32-bit SP2 en,...

7.4AI score

Exploits0

Packet Storm•added 2014/02/05 12:0 a.m.•31 views

Bandizip 3.09 DLL Hijack

/ Exploit Title: Bandizip 3.09 DLL Hijacking Exploit dwmapi.dll Date: February 5th 2014 Author: Osanda Malith Jayathissa E-Mail: osandajayathissagmail.com Version: 3.09 Vendor Homepage: http://www.bandisoft.com/ Tested on: Windows XP SP2 en Vulnerable extensions: All Extensions CVE: CVE-2014-1680...

6.9CVSS0.2AI score0.00055EPSS

Exploits3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by