Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nullsoft nullsoft scriptable install system vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2015-9268
Nullsoft Scriptable Install System (NSIS) prior to 2.49 has unsafe implicit linking against Version.dll. In other words, there is no protection mechanism in which a wrapper function resolves the dependency at an appropriate time during runtime.
Nullsoft Nullsoft Scriptable Install System
Debian Debian Linux 8.0
383
VMScore
CVE-2015-0941
The Inetc plugin for Nullsoft Scriptable Install System (NSIS), as used in CERT/CC Failure Observation Engine (FOE) and other products, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and possibly execute arbitr...
Inetc Project Inetc
1 Github repository
320
VMScore
CVE-2015-9267
Nullsoft Scriptable Install System (NSIS) prior to 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program.
Nullsoft Nullsoft Scriptable Install System
Debian Debian Linux 8.0
NA
CVE-2023-37378
Nullsoft Scriptable Install System (NSIS) prior to 3.09 mishandles access control for an uninstaller directory.
Nullsoft Nullsoft Scriptable Install System
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started