Lucene search
K

14 matches found

NVD
NVD
added 2026/07/01 4:16 a.m.9 views

CVE-2026-14191

An out-of-bounds heap write exists in the RAR5 recovery-volume .rev parser in WinRAR and UnRAR RecVolumes5::ReadHeader in recvol5.cpp. The RecItems vector is sized only when the first .rev file in a set is processed; subsequent .rev files supply an independent RecNum value that is validated again...

7.8CVSS0.00306EPSS
Exploits1References3
OSV
OSV
added 2026/07/01 4:16 a.m.3 views

UBUNTU-CVE-2026-14191

An out-of-bounds heap write exists in the RAR5 recovery-volume .rev parser in WinRAR and UnRAR RecVolumes5::ReadHeader in recvol5.cpp. The RecItems vector is sized only when the first .rev file in a set is processed; subsequent .rev files supply an independent RecNum value that is validated again...

7.8CVSS7.4AI score0.1308EPSS
Exploits2References4
EUVD
EUVD
added 2026/07/01 2:41 a.m.7 views

EUVD-2026-40869

An out-of-bounds heap write exists in the RAR5 recovery-volume .rev parser in WinRAR and UnRAR RecVolumes5::ReadHeader in recvol5.cpp. The RecItems vector is sized only when the first .rev file in a set is processed; subsequent .rev files supply an independent RecNum value that is validated again...

7.8CVSS7.4AI score0.1308EPSS
Exploits2References2
Cvelist
Cvelist
added 2026/07/01 2:41 a.m.39 views

CVE-2026-14191 WinRAR / UnRAR RAR5 recovery-volume (.rev) out-of-bounds heap write in RecVolumes5::ReadHeader

An out-of-bounds heap write exists in the RAR5 recovery-volume .rev parser in WinRAR and UnRAR RecVolumes5::ReadHeader in recvol5.cpp. The RecItems vector is sized only when the first .rev file in a set is processed; subsequent .rev files supply an independent RecNum value that is validated again...

7.8CVSS0.00306EPSS
Exploits1References3
CVE
CVE
added 2026/07/01 2:41 a.m.125 views

CVE-2026-14191

CVE-2026-14191 describes an out-of-bounds heap write in WinRAR/UnRAR’s RAR5 recovery-volume (.rev) parser (RecVolumes5::ReadHeader). The RecItems vector is sized based on the first .rev file; subsequent .rev files supply an independent RecNum that is validated against that file’s TotalCount but n...

7.8CVSS5.8AI score0.00306EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.15 views

PT-2026-54451

Name of the Vulnerable Software and Affected Versions WinRAR versions prior to 7.23 UnRAR versions prior to 7.23 Description An out-of-bounds heap write exists in the RAR5 recovery-volume .rev parser within the RecVolumes5::ReadHeader function in recvol5.cpp. The issue occurs because the RecItems...

7.8CVSS7AI score0.00306EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-40477

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute...

7.8CVSS8AI score0.1308EPSS
Exploits1References2
OSV
OSV
added 2025/03/12 4:11 p.m.7 views

USN-7349-1 rar vulnerabilities

It was discovered that RAR incorrectly handled certain paths. If a user or automated system were tricked into extracting a specially crafted RAR archive, a remote attacker could possibly use this issue to write arbitrary files outside of the targeted directory. CVE-2022-30333 It was discovered th...

7.8CVSS7.2AI score0.98975EPSS
Exploits13References3
OSV
OSV
added 2024/05/03 3:15 a.m.14 views

CVE-2023-40477

RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must...

7.8CVSS7.5AI score
Exploits0References3
Cvelist
Cvelist
added 2024/05/03 2:11 a.m.28 views

CVE-2023-40477 RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability

RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must...

7.8CVSS8.3AI score0.1308EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/05/03 2:11 a.m.32 views

CVE-2023-40477 RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability

RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must...

7.8CVSS7.5AI score0.1308EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/10/27 12:56 a.m.4 views

SUSE CVE-2023-40477

RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must...

7.8CVSS7.5AI score0.1308EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2023/09/11 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2023-0258)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.1308EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/08/28 12:0 a.m.4 views

RAR 安全漏洞

RAR is an application used for compression. A security vulnerability exists in RAR that stems from a specific flaw in RAR's recovery volume handling process that allows a remote attacker to execute arbitrary code...

7.8CVSS8.2AI score0.1308EPSS
Exploits1References7
Rows per page
Query Builder