Every CVE whose affected-product data names Bandisoft Ark Library, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2021-26603 — CVSS 8.6 (high): A heap overflow issue was found in ARK library of bandisoft Co., Ltd when the Ark_DigPathA function parsed a file path. This vulnerability…
CVE-2021-26615 — CVSS 7.8 (high): ARK library allows attackers to execute remote code via the parameter(path value) of Ark_NormalizeAndDupPAthNameW function because of an…
CVE-2021-26635 — CVSS 7.8 (high): In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the…