Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-28684 | 1 Powerarchiver | 1 Powerarchiver | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
The XML parser used in ConeXware PowerArchiver before 20.10.02 allows processing of external entities, which might lead to exfiltration of local files over the network (via an XXE attack). | |||||
CVE-2014-2319 | 1 Powerarchiver | 1 Powerarchiver | 2024-11-21 | 5.0 MEDIUM | N/A |
The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 uses legacy ZIP encryption even if the AES 256-bit selection is chosen, which makes it easier for context-dependent attackers to obtain sensitive information via a known-plaintext attack. |