threat
engine
.sh
Back
·
··:··
Home
/
Product
/
gfi archiver
Product
gfi archiver
13 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-2039
all versions
GFI Archiver MArc.Store Missing Authorization Authentication Bypass Vulnerability. This vulnerability allows remote attackers to b
9.8
CRITICAL
CVE-2026-2038
all versions
GFI Archiver MArc.Core Missing Authorization Authentication Bypass Vulnerability. This vulnerability allows remote attackers to by
9.8
CRITICAL
CVE-2026-2037
all versions
GFI Archiver MArc.Core Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote att
8.8
HIGH
CVE-2026-2036
all versions
GFI Archiver MArc.Store Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote at
8.8
HIGH
CVE-2024-11949
< 15.7
GFI Archiver Store Service Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote
8.8
HIGH
CVE-2024-11948
< 15.7
GFI Archiver Telerik Web UI Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary c
9.8
CRITICAL
CVE-2024-11947
< 15.7
GFI Archiver Core Service Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote
8.8
HIGH
CVE-2024-0406
>= 3.0.0 and < 4.0.0
A flaw was discovered in the mholt/archiver package. This flaw allows an attacker to create a specially crafted tar file, which, w
6.1
MEDIUM
CVE-2018-25046
< 2018-05-23
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside
9.1
CRITICAL
CVE-2021-29281
< 15.2
File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation of Telerik Web UI plu
9.8
CRITICAL
CVE-2019-10743
>= 3.0.0 and < 3.3.2
All versions of archiver allow attacker to perform a Zip Slip attack via the "unarchive" functions. It is exploited using a specia
5.5
MEDIUM
CVE-2018-1002207
<= 2.0
mholt/archiver golang package before e4ef56d48eb029648b0e895bb0b6a393ef0829c3 is vulnerable to directory traversal, allowing attac
5.5
MEDIUM
CVE-2006-1611
all versions
Directory traversal vulnerability in KGB Archiver before 1.1.5.22 allows remote attackers to overwrite arbitrary files wile decomp
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin