VYPR

Bandizip

by Bandisoft

CVEs (3)

  • CVE-2025-33027Apr 15, 2025
    risk 0.00cvss epss 0.00

    In Bandisoft Bandizip through 7.37, there is a Mark-of-the-Web Bypass Vulnerability. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Bandizip. User interaction is required to exploit this vulnerability in that…

  • CVE-2021-26623Apr 1, 2022
    risk 0.00cvss epss 0.01

    A remote code execution vulnerability due to incomplete check for 'xheader_decode_path_record' function's parameter length value in the ark library. Remote attackers can induce exploit malicious code using this function.

  • CVE-2014-1680Feb 14, 2014
    risk 0.00cvss epss 0.01

    Untrusted search path vulnerability in Bandisoft Bandizip before 3.10 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory.