Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
autoupdate vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-6265
The Scripting and AutoUpdate functionality in Cordaware bestinformed Microsoft Windows client versions prior to 6.2.1.0 are affected by insecure implementations which allow remote malicious users to execute arbitrary commands and escalate privileges.
Cordaware Bestinformed
7.8
CVSSv3
CVE-2018-8412
An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them, aka "Microsoft (MAU) Office Elevation of Privilege Vulnerability." This affects Microsoft Office.
Microsoft Office For Mac 2016
1 Article
NA
CVE-2014-0837
The AutoUpdate process in IBM Security QRadar SIEM 7.2 MR1 and previous versions does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers via a crafted certificate.
Ibm Qradar Security Information And Event Manager
NA
CVE-2015-4674
The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer files that are retrieved without use of SSL, which makes it easier for man-in-the-middle malicious users to execute arbitrary code via a crafted file.
Timedoctor Timedoctor 1.4.72.3
NA
CVE-2011-2954
Use-after-free vulnerability in the AutoUpdate feature in RealNetworks RealPlayer 11.0 up to and including 11.1 and 14.0.0 up to and including 14.0.5 and RealPlayer SP 1.0 up to and including 1.1.5, when an Embedded RealPlayer is used, allows remote malicious users to execute arb...
Realnetworks Realplayer 11.0
Realnetworks Realplayer 11.1
Realnetworks Realplayer 14.0.3
Realnetworks Realplayer 14.0.4
Realnetworks Realplayer 14.0.5
Realnetworks Realplayer 14.0.1
Realnetworks Realplayer 14.0.2
Realnetworks Realplayer 14.0.0
Realnetworks Realplayer Sp 1.1.1
Realnetworks Realplayer Sp 1.0.5
Realnetworks Realplayer Sp 1.1.3
Realnetworks Realplayer Sp 1.1.2
Realnetworks Realplayer Sp 1.0.0
Realnetworks Realplayer Sp 1.0.1
Realnetworks Realplayer Sp 1.1
Realnetworks Realplayer Sp 1.1.5
Realnetworks Realplayer Sp 1.0.2
Realnetworks Realplayer Sp 1.1.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2