← Back

Powerarchiver

powerarchiver

Vendor: Powerarchiver • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-28684
1Powerarchiver
1Powerarchiver
Nov 21, 2024
Jun 21, 2021
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
The XML parser used in ConeXware PowerArchiver before 20.10.02 allows processing of external entities, which might lead to exfiltration of local files over the network (via an XXE attack).
CVE-2014-2319
1Powerarchiver
1Powerarchiver
May 6, 2026
Mar 14, 2014
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 uses legacy ZIP encryption even if the AES 256-bit selection is chosen, which makes it easier for context-dependent attackers to obtain sensitive infor...Show more
The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 uses legacy ZIP encryption even if the AES 256-bit selection is chosen, which makes it easier for context-dependent attackers to obtain sensitive information via a known-plaintext attack.Show less