88 matches found
CVE-2025-14111
CVE-2025-14111 affects Rarlab RAR App for Android up to version 7.11 Build 127, specifically the com.rarlab.rar component. The issue is a path traversal vulnerability that could enable a remote attack; exploitability is described as complex/hard, but publicly disclosed. The vulnerability is mitig...
EUVD-2024-28291
Malicious code in bioql PyPI...
EUVD-2022-46646
Malicious code in bioql PyPI...
RARLAB WinRAR Path Traversal Vulnerability (Aug 2025) - Windows
RARLAB WinRAR is prone to a path traversal vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:rarlab:winrar";...
RARLAB WinRAR < 7.12 Beta 1 Directory Traversal Remote Code Execution (CVE-2025-6218)
The remote host is running RARLAB WinRAR, an archive manager for Windows, whose reported version is prior to 7.12 Beta 1. It is, therefore, affected by a vulnerability: - RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute...
CVE-2025-6218
RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open...
CVE-2025-6218
RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open...
CVE-2025-6218 RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability
RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open...
CVE-2025-6218
CVE-2025-6218 affects WinRAR and enables directory traversal during archive extraction, allowing code execution in the user context. Public PoCs and exploits (GitHub) demonstrate placing payloads into sensitive locations (e.g., Startup folder) to achieve RCE. Affected versions are WinRAR ≤ 7.11; ...
CVE-2025-6218 RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability
RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open...
RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of file...
CVE-2022-43650
This vulnerability allows remote attackers to disclose sensitive information on affected installations of RARLAB WinRAR 6.11.0.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2022-30333
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected...
Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar
CVE-2023-38831 Exploit Proof-of-Concept Overview This rep...
Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar
💥 WinRAR Vulnerability Description CVE-2023-38831 There...
CVE-2024-36052
CVE-2024-36052: WinRAR before 7.00 on Windows permits spoofing of screen output via ANSI escape sequences. Connected sources also note ANSI escape handling in unrar implementations on Linux/UNIX (Astra Linux) and Linux advisories; remediation generally requires upgrading to patched/unaffected ver...
CVE-2023-40477
RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-40477
RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-40477 RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability
RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-40477 RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability
RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must...