Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
installbuilder installbuilder vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-31694
InstallBuilder Qt installers built with versions previous to 22.10 try to load DLLs from the installer binary parent directory when displaying popups. This may allow an malicious user to plant a malicious DLL in the installer parent directory to allow executing code with the priv...
Installbuilder Installbuilder
392
VMScore
CVE-2021-22037
Under certain circumstances, when manipulating the Windows registry, InstallBuilder uses the reg.exe system command. The full path to the command is not enforced, which results in a search in the search path until a binary can be identified. This makes the installer/uninstaller v...
Vmware Installbuilder
578
VMScore
CVE-2021-22038
On Windows, the uninstaller binary copies itself to a fixed temporary location, which is then executed (the originally called uninstaller exits, so it does not block the installation directory). This temporary location is not randomized and does not restrict access to Administrat...
Vmware Installbuilder
392
VMScore
CVE-2020-3979
InstallBuilder for Qt Windows (versions before 20.7.0) installers look for plugins at a predictable location at initialization time, writable by non-admin users. While those plugins are not required, they are loaded if present, which could allow an malicious user to plant a malic...
Installbuilder Installbuilder
445
VMScore
CVE-2020-3946
InstallBuilder AutoUpdate tool and regular installers enabling <checkForUpdates> built with versions earlier than 19.11 are vulnerable to Billion laughs attack (denial-of-service).
Vmware Installbuilder
605
VMScore
CVE-2019-5530
Windows binaries generated with InstallBuilder versions earlier than 19.7.0 are vulnerable to tampering even if they contain a valid Authenticode signature.
Bitrock Installbuilder
187
VMScore
CVE-2006-2221
A third-party installer generation tool, possibly BitRock InstallBuilder, as used in products including Process-one ejabberd 1.1.1_1 and previous versions, generates an installer that allows local users to cause a denial of service via a symlink attack on the bitrock_installer.lo...
Process-one Ejabberd
Bitrock Install Builder
Process-one Ejabberd 1.1.1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started