Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
software updater vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2020-12463
An elevation of privilege vulnerability exists in Avira Software Updater prior to 2.0.6.27476 due to improperly handling file hard links. This allows local users to obtain take control of arbitrary files.
Avira Software Updater
4.6
CVSSv2
CVE-2019-17449
Avira Software Updater prior to 2.0.6.21094 allows a DLL side-loading attack. NOTE: The vendor thinks that this vulnerability is invalid because exploiting it would require at least administrator privileges and would gain only SYSTEM privileges
Avira Software Updater
6.3
CVSSv2
CVE-2020-12431
A Windows privilege change issue exists in Splashtop Software Updater prior to 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directorie...
Splashtop Software Updater
Splashtop Streamer
9.3
CVSSv2
CVE-2017-6466
F-Secure Software Updater 2.20, as distributed in several F-Secure products, downloads installation packages over plain http and does not perform file integrity validation after download. Man-in-the-middle attackers can replace the file with their own executable which will be exe...
F-secure Software Updater 2.20
7.2
CVSSv2
CVE-2018-6084
Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS before 66.0.3359.117 allowed a local malicious user to execute arbitrary code via an executable file.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
1 EDB exploit
4.4
CVSSv2
CVE-2020-5674
Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an malicious user to gain privileges via a Trojan horse DLL in an unspecified directory.
Epson Album Print -
Epson Color Calibration Utility -
Epson Colorbase -
Epson Colorio Easy Print -
Epson Connect -
Epson Creativity Suite -
Epson E-photo -
Epson Easy Photo Print -
Epson Easy Settings -
Epson Imaging Workshop -
Epson Link2 -
Epson Multi-print Quicker -
Epson Net Config -
Epson Net Config Se -
Epson Net Print -
Epson Net Software Development Kit -
Epson Photolier -
Epson Photoquicker -
Epson Photostarter 3.1
Epson Pm-t990 Integrated Installer -
Epson Print -
Epson Print Image Framer Tool -
NA
CVE-2022-3368
A vulnerability within the Software Updater functionality of Avira Security for Windows allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios. The issue was fixed with Avira Security version 1.1.72.30556.
Avira Avira Security
1 Github repository
NA
CVE-2022-31148
Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting (XSS) vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater...
Shopware Shopware
6.8
CVSSv2
CVE-2022-28944
Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2....
Emcosoftware Network Inventory 5.8.22
Emcosoftware Network Software Scanner 2.0.8
Emcosoftware Unlock It 6.1.1
Emcosoftware Remote Shutdown 7.2.2
Emcosoftware Ping Monitor 8.0.18
Emcosoftware Msi Package Builder 9.1.4
Emcosoftware Remote Installer 6.0.13
Emcosoftware Wakeonlan 2.0.8
1 Github repository
NA
CVE-2022-36102
Shopware is an open source e-commerce software. In affected versions if backend admin controllers are called with a certain notation, the ACL could be bypassed. Users could execute actions, which they are normally not able to do. Users are advised to update to the current version...
Shopware Shopware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »