CVE-2025-31334

MEDIUM Year: 2025
CVSS v3 Score
6.8
Medium
Weakness Type
CWE-356
View all →

Vulnerability Description

Issue that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file exists in WinRAR versions prior to 7.11. If a symbolic link specially crafted by an attacker is opened on the affected product, arbitrary code may be executed.

Related Vulnerabilities

CVE-2024-3044

MEDIUM
CVSS:6.5(Medium)

Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clic...

CWE-3562024

CVE-2018-10595

MEDIUM
CVSS:6.3(Medium)

A vulnerability in ReadA version 1.1.0.2 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (Kiestra TLA, Kiestra WCA, and InoqulA+ specimen processor) t...

CWE-3562018

CVE-2019-13322

HIGH
CVSS:7.5(High)

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Browser Prior to 10.4.0. User interaction is required to exploit this vulnerability in that t...

CWE-3562019

CVE-2024-2609

MEDIUM
CVSS:6.1(Medium)

The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox < 124, Firefox ESR <...

CWE-3562024

CVE-2022-35873

HIGH
CVSS:7.8(High)

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). User interaction is required to exploit this vulne...

CWE-3562022

CVE-2022-36970

HIGH
CVSS:7.8(High)

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 20.0 Build: 4201.2111.1802.0000 Service Pack 2. User interaction is required to exploit thi...

CWE-3562022