powerarchiver 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
Historical issues mainly involve vendor risk xxe and バッファオーバーフロー and related security problems, affecting ファイル処理、自動展開, and アーカイブ処理 scenarios.
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2021-28684 | The XML parser used in ConeXware PowerArchiver before 20.10.02 allows processing of external entities, which might lead to exfiltration of local files over the network (via an XXE attack). | [email protected] | 4.3 | 0.23% | 2021-06-21 | 2024-11-21 |
| CVE-2014-2319 | The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 uses legacy ZIP encryption even if the AES 256-bit selection is chosen, which makes it easier for context-dependent attackers to obtain sensitive information via a known-plaintext attack. | [email protected] | 5.0 | 0.14% | 2014-03-14 | 2026-05-06 |
| CVE-2005-3061 | Multiple stack-based buffer overflows in PowerArchiver 8.10 through 9.5 Beta 4 and Beta 5 allow remote attackers to execute arbitrary code via a long filename in a (1) ACE or (2) ARJ archive. | [email protected] | 7.5 | 3.85% | 2005-09-27 | 2026-04-16 |