Lucene search
+L

26 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-11189

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a denial of service NULL pointer dereference and application crash, which could be relevant...

6.5CVSS6.5AI score0.01315EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2017-11190

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - unrarlib.c in unrar-free 0.0.1, when DEBUGLOG mode is enabled, might allow remote attackers to cause a denial of service stack-based buffer overflow and...

7.8CVSS7.8AI score0.01019EPSS
Exploits0References2
Veracode
Veracode
added 2021/02/19 1:12 p.m.16 views

Arbitrary Code Execution

unrar-free is vulnerable to arbitrary code execution. A stack-based buffer over-read in unrarlib.c related to ExtrFile and stricomp, allows an attacker to execute arbitrary code on the host OS...

9.1CVSS3.7AI score0.01798EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/02/19 12:0 a.m.25 views

Debian DLA-2567-1 : unrar-free security update

Several issues have been found in unrar-free, an unarchiver for .rar files. CVE-2017-14120 This CVE is related to a directory traversal vulnerability for RAR v2 archives. CVE-2017-14121 This CVE is related to NULL pointer dereference flaw triggered by a specially crafted RAR archive. CVE-2017-141...

9.1CVSS7AI score0.0211EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/02/19 12:0 a.m.11 views

Debian: Security Advisory (DLA-2567-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS6.4AI score0.0211EPSS
Exploits0References4
Debian
Debian
added 2021/02/18 10:59 p.m.42 views

[SECURITY] [DLA 2567-1] unrar-free security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2567-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz February 18, 2021 https://wiki.debian.org/LTS -...

9.1CVSS7.2AI score0.0211EPSS
Exploits0
OSV
OSV
added 2021/02/18 12:0 a.m.25 views

DLA-2567-1 unrar-free - security update

Bulletin has no description...

9.1CVSS6.3AI score0.0211EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/02/06 12:0 a.m.32 views

Debian: Security Advisory (DLA-1091-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.0211EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2017/11/10 12:0 a.m.12 views

The vulnerability of the ExtrFile and stricomp functions (unrarlib.c) of the unrar-free or unrar-gpl package, a file decompression tool for UnRAR, allows a hacker to bypass the catalog and trigger a service failure.

The vulnerability of the ExtrFile and stricomp functions unrarlib.c in the unrar-free or unrar-gpl package, a tool for decompressing UnRAR files, arises from the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to bypass the...

9.8CVSS8.1AI score0.01798EPSS
Exploits0References4Affected Software2
Tenable Nessus
Tenable Nessus
added 2017/09/08 12:0 a.m.27 views

Debian DLA-1091-1 : unrar-free security update

It was discovered that there was a directory traversal vulnerability in unrar-free, a unarchiver for .rar files, where pathnames of the form '../filename' were unpacked into the parent directory. For Debian 7 'Wheezy', this issue has been fixed in unrar-free version 1:0.0.1+cvs20071127-2+deb7u1. ...

7.5CVSS7.1AI score0.0211EPSS
Exploits0References3
Debian
Debian
added 2017/09/07 3:48 p.m.28 views

[SECURITY] [DLA 1091-1] unrar-free security update

Package : unrar-free Version : 1:0.0.1+cvs20071127-2+deb7u1 CVE ID : CVE-2017-14120 Debian Bug : 874059 It was discovered that there was a directory traversal vulnerability in unrar-free, a unarchiver for .rar files, where pathnames of the form "../filename" were unpacked into the parent director...

7.5CVSS7.7AI score0.0211EPSS
Exploits0
OSV
OSV
added 2017/09/07 12:0 a.m.20 views

DLA-1091-1 unrar-free - security update

Bulletin has no description...

7.5CVSS7.5AI score0.0211EPSS
Exploits0
Cvelist
Cvelist
added 2017/09/03 8:0 p.m.23 views

CVE-2017-14121

The DecodeNumber function in unrarlib.c in unrar 0.0.1 aka unrar-free or unrar-gpl suffers from a NULL pointer dereference flaw triggered by a crafted RAR archive. NOTE: this may be the same as one of the several test cases in the CVE-2017-11189 references...

6.3AI score0.01118EPSS
Exploits0References3
CNVD
CNVD
added 2017/07/13 12:0 a.m.6 views

unrar-free 'unrarlib.c' Denial of Service Vulnerability

unrar-free is a decompression program used in Linux. A security vulnerability exists in the unrarlib.c file in unrar-free version 0.0.1. A remote attacker can exploit this vulnerability to cause a denial of service null pointer backreference and application crash...

6.5CVSS5.8AI score0.01315EPSS
Exploits1References1
CNVD
CNVD
added 2017/07/13 12:0 a.m.5 views

unrar-free 'unrarlib.c' denial of service vulnerability (CNVD-2017-23304)

unrar-free is a decompression program used in Linux. A security vulnerability exists in the unrarlib.c file in unrar-free version 0.0.1. A remote attacker can exploit this vulnerability to cause a denial of service heap buffer overflow and application crash via a RAR archive file containing a lon...

7.8CVSS7.6AI score0.01019EPSS
Exploits0References1
NVD
NVD
added 2017/07/12 4:29 p.m.17 views

CVE-2017-11189

unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a denial of service NULL pointer dereference and application crash, which could be relevant if unrarlib is used as library code for a long-running application. NOTE: one of the several test cases in the references may be the sam...

6.5CVSS6AI score0.01315EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2017/07/12 4:29 p.m.36 views

CVE-2017-11189

unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a denial of service NULL pointer dereference and application crash, which could be relevant if unrarlib is used as library code for a long-running application. NOTE: one of the several test cases in the references may be the sam...

6.5CVSS6.5AI score0.01315EPSS
Exploits1References2
NVD
NVD
added 2017/07/12 4:29 p.m.13 views

CVE-2017-11190

unrarlib.c in unrar-free 0.0.1, when DEBUGLOG mode is enabled, might allow remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via an RAR archive containing a long filename...

7.8CVSS8.4AI score0.01019EPSS
Exploits0References1
OSV
OSV
added 2017/07/12 4:29 p.m.5 views

UBUNTU-CVE-2017-11189

unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a denial of service NULL pointer dereference and application crash, which could be relevant if unrarlib is used as library code for a long-running application. NOTE: one of the several test cases in the references may be the sam...

6.5CVSS6.4AI score0.01315EPSS
Exploits1References3
OSV
OSV
added 2017/07/12 4:29 p.m.8 views

CVE-2017-11190

unrarlib.c in unrar-free 0.0.1, when DEBUGLOG mode is enabled, might allow remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via an RAR archive containing a long filename...

7.8CVSS8.1AI score
Exploits0References1
Rows per page
Query Builder