Lucene search

175 matches found

GithubExploit
added 2025/08/13 11:5 a.m., 431 views

Exploit for Path Traversal in Rarlab Winrar

CVE-2025-8088 WinRAR Proof of Concept PoC-Exploit !PoCht...

8.8 CVSS, 7.1 AI score, 0.11605 EPSS
Exploits 34

Tenable Nessus
added 2025/08/07 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2022-48579

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains. CVE-2022-48579 Note that Nessus relies on the presence of th...

7.5 CVSS, 6.5 AI score, 0.00081 EPSS
Exploits 0, References 2

Tenable Nessus
added 2025/03/12 12:0 a.m., 28 views

Ubuntu 20.04 LTS / 22.04 LTS : UnRAR vulnerabilities (USN-7350-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7350-1 advisory. It was discovered that UnRAR incorrectly handled certain paths. If a user or automated system were tricked into extracting a specially crafte...

7.8 CVSS, 7.5 AI score, 0.92793 EPSS
Exploits 14, References 5

OSV
added 2024/06/11 7:35 a.m., 11 views

SUSE-SU-2024:1975-1 Security update for unrar

This update for unrar fixes the following issues: - CVE-2024-33899: Fixed a denial of service via ANSI escape sequences. bsc1225661...

7.1 CVSS, 6.8 AI score, 0.01394 EPSS
Exploits 1, References 3

OSV
added 2023/11/22 10:15 p.m., 85 views

CVE-2023-49102

NZBGet 21.1 allows authenticated remote code execution because the unarchive programs 7za and unrar preserve executable file permissions. An attacker with the Control capability can execute a file by setting the value of SevenZipCommand or UnrarCmd. NOTE: This vulnerability only affects products...

8.8 CVSS, 7.8 AI score
Exploits 0, References 2

CVE
added 2023/11/22 12:0 a.m., 40 views

CVE-2023-49102

NZBGet 21.1 is affected by an authenticated remote code execution vulnerability. The root cause is that the unarchive helpers 7za and unrar preserve executable permissions, allowing an attacker with Control privileges to execute a file by setting SevenZipCommand or UnrarCmd. This issue impacts pr...

8.8 CVSS, 8.9 AI score, 0.01715 EPSS
Exploits 1, References 2, Affected Software 1

Gentoo Linux
added 2023/09/17 12:0 a.m., 39 views

RAR, UnRAR: Arbitrary File Overwrite

Background: RAR and UnRAR provide command line interfaces for compressing and decompressing RAR files. Description: Due to an error in the validation of symbolic links within archives, RAR and UnRAR can potentially write files to a directory which is outside of the intended unpack directory. Impact...

7.8 CVSS, 7.9 AI score, 0.92793 EPSS
Exploits 13

Tenable Nessus
added 2023/09/17 12:0 a.m., 41 views

GLSA-202309-04 : RAR, UnRAR: Arbitrary File Overwrite

The remote host is affected by the vulnerability described in GLSA-202309-04 (RAR, UnRAR: Arbitrary File Overwrite) - RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys...

7.8 CVSS, 8.5 AI score, 0.92793 EPSS
Exploits 13, References 6

Redos
added 2023/09/12 12:0 a.m., 15 views

ROS-20230911-08

A vulnerability in the UnRAR file extraction tool is related to incorrect link resolution before accessing a file ("link following"). Exploitation of the vulnerability could allow an attacker acting remotely to extract files outside the destination folder using file...

7.5 CVSS, 6.8 AI score, 0.00081 EPSS
Exploits 0

OpenVAS
added 2023/09/11 12:0 a.m., 20 views

Mageia: Security Advisory (MGASA-2023-0258)

The remote host is missing an update for the...

7.8 CVSS, 7.8 AI score, 0.91887 EPSS
Exploits 1, References 4

Tenable Nessus
added 2023/08/18 12:0 a.m., 23 views

Debian dla-3535 : libunrar-dev - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3535 advisory. Debian LTS Advisory DLA-3535-1 https://www.debian.org/lts/security/...

7.5 CVSS, 6.6 AI score, 0.00081 EPSS
Exploits 0, References 4

Debian
added 2023/08/17 3:29 p.m., 18 views

[SECURITY] [DLA 3535-1] unrar-nonfree security update

Debian LTS Advisory DLA-3535-1 (https://www.debian.org/lts/security/), Markus Koschany, August 17, 2023 (https://wiki.debian.org/LTS). Package: unrar-nonfree. Version: 1:5.6.6-1+deb10u3. CVE ID: CVE-2022-48579. It was discovered that UnRAR, an unarchiver for rar files, allows...

7.5 CVSS, 6.8 AI score, 0.00081 EPSS
Exploits 0

SUSE CVE
added 2023/08/09 2:8 a.m., 2 views

SUSE CVE-2022-48579

UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains...

7.5 CVSS, 6.6 AI score, 0.00081 EPSS
Exploits 0, References 3

OSV
added 2023/08/07 4:15 a.m., 28 views

CVE-2022-48579

UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains...

7.5 CVSS, 7.1 AI score
Exploits 0, References 2

NVD
added 2023/08/07 4:15 a.m., 22 views

CVE-2022-48579

UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains...

7.5 CVSS, 7.6 AI score, 0.00081 EPSS
Exploits 0, References 2

OSV
added 2023/08/07 4:15 a.m., 2 views

AZL-27870 CVE-2022-48579 affecting package clamav for versions less than 0.105.2-2

UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains...

7.5 CVSS, 6.8 AI score, 0.00081 EPSS
Exploits 0, References 1

UbuntuCve
added 2023/08/07 4:15 a.m., 29 views

CVE-2022-48579

UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains...

7.5 CVSS, 6.8 AI score, 0.00081 EPSS
Exploits 0, References 3

Prion
added 2023/08/07 4:15 a.m., 15 views

Information disclosure

UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains...

5 CVSS, 7.4 AI score, 0.00081 EPSS
Exploits 0, References 2, Affected Software 1

OSV
added 2023/08/07 4:15 a.m., 3 views

UBUNTU-CVE-2022-48579

UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains...

7.5 CVSS, 6.9 AI score, 0.00081 EPSS
Exploits 0, References 4

AlpineLinux
added 2023/08/07 12:0 a.m., 28 views

CVE-2022-48579

UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains...

7.5 CVSS, 7.6 AI score, 0.00081 EPSS
Exploits 0