Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Rarlab Subscribe
Total 45 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-1254 1 Rarlab 1 Winrar 2026-06-16 10.0 HIGH N/A
WinRAR 3.40, and possibly earlier versions, allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, possibly causing an integer overflow that leads to a buffer overflow.
CVE-2004-0235 8 Clearswift, F-secure, Rarlab and 5 more 13 Mailsweeper, F-secure Anti-virus, F-secure For Firewalls and 10 more 2026-06-16 6.4 MEDIUM N/A
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").
CVE-2004-0234 8 Clearswift, F-secure, Rarlab and 5 more 13 Mailsweeper, F-secure Anti-virus, F-secure For Firewalls and 10 more 2026-06-16 10.0 HIGH N/A
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.
CVE-2003-1445 1 Rarlab 1 Far Manager 2026-06-16 4.6 MEDIUM N/A
Stack-based buffer overflow in Far Manager 1.70beta1 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long pathname.
CVE-2019-25677 1 Rarlab 1 Winrar 2026-04-09 N/A 6.2 MEDIUM
WinRAR 5.61 contains a denial of service vulnerability that allows local attackers to crash the application by placing a malformed winrar.lng language file in the installation directory. Attackers can trigger the crash by opening an archive and pressing the test button, causing an access violation at memory address 004F1DB8 when the application attempts to read invalid data.