Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
autorun vulnerabilities and exploits
(subscribe to this query)
695
VMScore
CVE-2012-4054
Buffer overflow in the readfile function in CPE17 Autorun Killer 1.7.1 and previous versions allows physically proximate malicious users to execute arbitrary code via a crafted inf file.
Cpe17 Autorun Killer
1 EDB exploit
187
VMScore
CVE-2002-0915
autorun in Xandros based Linux distributions allows local users to read the first line of arbitrary files via the -c parameter, which causes autorun to print the first line of the file.
Harald Hoyer Autorun 2.7
Harald Hoyer Xandros Desktop Os 1.0
828
VMScore
CVE-2008-0951
Microsoft Windows Vista does not properly enforce the NoDriveTypeAutoRun registry value, which allows user-assisted remote attackers, and possibly physically proximate attackers, to execute arbitrary code by inserting a (1) CD-ROM device or (2) U3-enabled USB device containing a ...
Microsoft Windows Vista
187
VMScore
CVE-2020-7273
Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up protection in McAfee Endpoint Security (ENS) for Windows before 10.7.0 April 2020 Update allows local users to delete or rename programs in the autorun key via manipulation of some para...
Mcafee Endpoint Security 10.5.0
Mcafee Endpoint Security 10.5.1
Mcafee Endpoint Security 10.5.2
Mcafee Endpoint Security 10.5.3
Mcafee Endpoint Security 10.5.4
Mcafee Endpoint Security 10.5.5
Mcafee Endpoint Security 10.6.0
383
VMScore
CVE-2019-13971
OTCMS 3.81 allows XSS via the mode parameter in an apiRun.php?mudi=autoRun request.
Otcms Otcms 3.81
725
VMScore
CVE-2000-0155
Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local malicious users to specify an alternate program to execute when other users access a drive.
Microsoft Windows Nt 4.0
Microsoft Windows 95
Microsoft Windows 98
1 EDB exploit
409
VMScore
CVE-2019-7487
Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution.
Sonicwall Sonicos
Sonicwall Sonicos Sslvpn Nacagent 3.5
NA
CVE-2022-39060
ChangingTech MegaServiSignAdapter component has a vulnerability of improper input validation. An unauthenticated remote attacker can exploit this vulnerability to access and modify HKEY_CURRENT_USER subkey (ex: AutoRUN) in Registry where malicious scripts can be executed to take ...
Changingtec Megaservisignadapter
409
VMScore
CVE-2005-4590
Spb Kiosk Engine 1.0.0.1 allows local users to bypass restrictions on allowed applications via (1) removable media containing a program that will execute because of the autorun setting and (2) applications that are able to invoke other applications, as demonstrated by a file: URL...
Spb Kiosk Engine 1.0.0.1
614
VMScore
CVE-2015-4173
Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender prior to 7.5.227 and 8.0.x prior to 8.0.238, as used in the SRA firmware prior to 7.5.1.2-40sv and 8.x prior to 8.0.0.3-23sv, allows local users to gain privileges via a Trojan horse pro...
Sonicwall Netextender
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »