Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
autoupdate vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2020-0984
An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them, aka 'Microsoft (MAU) Office Elevation of Privilege Vulnerability'.
Microsoft Autoupdate -
1 Github repository
1 Article
940
VMScore
CVE-2008-0955
Stack-based buffer overflow in the Creative Software AutoUpdate Engine ActiveX control in CTSUEng.ocx allows remote malicious users to execute arbitrary code via a long CacheFolder property value.
Creative Creative Software Autoupdate Engine
2 EDB exploits
890
VMScore
CVE-2010-0990
Stack-based buffer overflow in Creative Software AutoUpdate Engine ActiveX Control 2.0.12.0, as used in Creative Software AutoUpdate 1.40.01, allows remote malicious users to execute arbitrary code via vectors related to the BrowseFolder method.
Creative Autoupdate Engine Activex Control 2.0.12.0
Creative Autoupdate 1.40.01
570
VMScore
CVE-2019-17560
The "Apache NetBeans" autoupdate system does not validate SSL certificates and hostnames for https based downloads. This allows an malicious user to intercept downloads of autoupdates and modify the download, potentially injecting malicious code. “Apache NetBeans&...
Apache Netbeans
Oracle Graalvm 19.3.2
Oracle Graalvm 20.1.0
445
VMScore
CVE-2019-17561
The "Apache NetBeans" autoupdate system does not fully validate code signatures. An attacker could modify the downloaded nbm and include additional code. "Apache NetBeans" versions up to and including 11.2 are affected by this vulnerability.
Apache Netbeans
Oracle Graalvm 19.3.2
Oracle Graalvm 20.1.0
614
VMScore
CVE-2008-5313
mailscanner 4.68.8 and other versions prior to 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) avast-autoupdate, and (4) f-prot-6-autoupdate scripts in /et...
Mailscanner Mailscanner 4.73.4-2
Mailscanner Mailscanner 4.72.5-1
Mailscanner Mailscanner 4.71.10-1
Mailscanner Mailscanner 4.69.9-3
Mailscanner Mailscanner 4.68.8
Mailscanner Mailscanner 4.70.7-1
Mailscanner Mailscanner 4.68.8-1
614
VMScore
CVE-2008-5312
mailscanner 4.55.10 and other versions prior to 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) panda-autoupdate.new, (4) trend-autoupdate.new, and (5) rav...
Mailscanner Mailscanner 4.64.3-2
Mailscanner Mailscanner 4.63.8-1
Mailscanner Mailscanner 4.62.9-3
Mailscanner Mailscanner 4.61.7-2
Mailscanner Mailscanner 4.60.8-1
Mailscanner Mailscanner 4.73.4-2
Mailscanner Mailscanner 4.67.6-1
Mailscanner Mailscanner 4.65.3-1
Mailscanner Mailscanner 4.58.9-1
Mailscanner Mailscanner 4.56.8-1
Mailscanner Mailscanner 4.71.10-1
Mailscanner Mailscanner 4.70.7-1
Mailscanner Mailscanner 4.69.9-3
Mailscanner Mailscanner 4.68.8-1
Mailscanner Mailscanner 4.55.10
Mailscanner Mailscanner 4.72.5-1
Mailscanner Mailscanner 4.68.8
Mailscanner Mailscanner 4.66.5-3
Mailscanner Mailscanner 4.59.4-2
Mailscanner Mailscanner 4.57.7-1
445
VMScore
CVE-2020-3946
InstallBuilder AutoUpdate tool and regular installers enabling <checkForUpdates> built with versions earlier than 19.11 are vulnerable to Billion laughs attack (denial-of-service).
Vmware Installbuilder
641
VMScore
CVE-2020-23967
Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without administrative privileges to NT AUTHORITY\SYSTEM due to insufficient control during autoupdate.
Drweb Security Space 11.0
Drweb Security Space 12.0
668
VMScore
CVE-2014-0838
The AutoUpdate package prior to 6.4 for IBM Security QRadar SIEM 7.2 MR1 and previous versions allows remote malicious users to execute arbitrary console commands by leveraging control of the server.
Ibm Qradar Security Information And Event Manager
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »