Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
autorun vulnerabilities and exploits
(subscribe to this query)
6.9
CVSSv2
CVE-2012-4054
Buffer overflow in the readfile function in CPE17 Autorun Killer 1.7.1 and previous versions allows physically proximate malicious users to execute arbitrary code via a crafted inf file.
Cpe17 Autorun Killer
1 EDB exploit
2.1
CVSSv2
CVE-2002-0915
autorun in Xandros based Linux distributions allows local users to read the first line of arbitrary files via the -c parameter, which causes autorun to print the first line of the file.
Harald Hoyer Autorun 2.7
Harald Hoyer Xandros Desktop Os 1.0
9.3
CVSSv2
CVE-2008-0951
Microsoft Windows Vista does not properly enforce the NoDriveTypeAutoRun registry value, which allows user-assisted remote attackers, and possibly physically proximate attackers, to execute arbitrary code by inserting a (1) CD-ROM device or (2) U3-enabled USB device containing a ...
Microsoft Windows Vista
2.1
CVSSv2
CVE-2020-7273
Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up protection in McAfee Endpoint Security (ENS) for Windows before 10.7.0 April 2020 Update allows local users to delete or rename programs in the autorun key via manipulation of some para...
Mcafee Endpoint Security 10.5.0
Mcafee Endpoint Security 10.5.1
Mcafee Endpoint Security 10.5.2
Mcafee Endpoint Security 10.5.3
Mcafee Endpoint Security 10.5.4
Mcafee Endpoint Security 10.5.5
Mcafee Endpoint Security 10.6.0
4.3
CVSSv2
CVE-2019-13971
OTCMS 3.81 allows XSS via the mode parameter in an apiRun.php?mudi=autoRun request.
Otcms Otcms 3.81
7.2
CVSSv2
CVE-2000-0155
Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local malicious users to specify an alternate program to execute when other users access a drive.
Microsoft Windows Nt 4.0
Microsoft Windows 95
Microsoft Windows 98
1 EDB exploit
4.6
CVSSv2
CVE-2019-7487
Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution.
Sonicwall Sonicos
Sonicwall Sonicos Sslvpn Nacagent 3.5
NA
CVE-2022-39060
ChangingTech MegaServiSignAdapter component has a vulnerability of improper input validation. An unauthenticated remote attacker can exploit this vulnerability to access and modify HKEY_CURRENT_USER subkey (ex: AutoRUN) in Registry where malicious scripts can be executed to take ...
Changingtec Megaservisignadapter
4.6
CVSSv2
CVE-2005-4590
Spb Kiosk Engine 1.0.0.1 allows local users to bypass restrictions on allowed applications via (1) removable media containing a program that will execute because of the autorun setting and (2) applications that are able to invoke other applications, as demonstrated by a file: URL...
Spb Kiosk Engine 1.0.0.1
6.9
CVSSv2
CVE-2015-4173
Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender prior to 7.5.227 and 8.0.x prior to 8.0.238, as used in the SRA firmware prior to 7.5.1.2-40sv and 8.x prior to 8.0.0.3-23sv, allows local users to gain privileges via a Trojan horse pro...
Sonicwall Netextender
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »