CVE-2025-8088
- EPSS 4.19%
- Published 08.08.2025 11:11:41
- Last modified 16.09.2025 13:53:26
A path traversal vulnerability affecting the Windows version of WinRAR allows attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Koši...
CVE-2014-125119
- EPSS 0.28%
- Published 25.07.2025 16:15:26
- Last modified 29.07.2025 14:14:55
A filename spoofing vulnerability exists in WinRAR when opening specially crafted ZIP archives. The issue arises due to inconsistencies between the Central Directory and Local File Header entries in ZIP files. When viewed in WinRAR, the file name fro...
CVE-2025-6218
- EPSS 0.49%
- Published 21.06.2025 00:09:02
- Last modified 25.06.2025 19:03:33
RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that...
CVE-2025-31334
- EPSS 0.22%
- Published 03.04.2025 06:15:42
- Last modified 01.07.2025 15:10:55
An issue exists in WinRAR versions prior to 7.11 that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file. If a symbolic link specially crafted by an attacker is opened on the...
CVE-2024-36052
- EPSS 0.12%
- Published 21.05.2024 17:15:09
- Last modified 21.11.2024 09:21:31
RARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the screen output via ANSI escape sequences, a different issue than CVE-2024-33899.
CVE-2023-40477
- EPSS 92.95%
- Published 03.05.2024 03:15:20
- Last modified 20.06.2025 18:13:59
RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exp...
CVE-2024-33899
- EPSS 1.03%
- Published 29.04.2024 00:15:07
- Last modified 21.11.2024 09:17:41
RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the screen output, or cause a denial of service, via ANSI escape sequences.
CVE-2024-30370
- EPSS 0.62%
- Published 02.04.2024 21:15:50
- Last modified 20.06.2025 18:15:03
RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-Of-The-Web protection mechanism on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability i...
CVE-2023-38831
- EPSS 93.8%
- Published 23.08.2023 17:15:43
- Last modified 20.12.2024 17:50:59
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder t...
CVE-2022-43650
- EPSS 1.24%
- Published 29.03.2023 19:15:21
- Last modified 21.11.2024 07:26:58
This vulnerability allows remote attackers to disclose sensitive information on affected installations of RARLAB WinRAR 6.11.0.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a mali...