Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
software updater vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-3181
The C:\Program Files (x86)\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Temp~nsu.tmp and copies itself to it as Au_.exe. The C:\Windows\Temp~nsu.tmp\Au_.exe file is automatically launched as SYSTEM when the system reboots or when a standa...
Splashtop Software Updater
8.8
CVSSv3
CVE-2022-3368
A vulnerability within the Software Updater functionality of Avira Security for Windows allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios. The issue was fixed with Avira Security version 1.1.72.30556.
Avira Avira Security
1 Github repository
5.3
CVSSv3
CVE-2022-36101
Shopware is an open source e-commerce software. In affected versions the request for the customer detail view in the backend administration contained sensitive data like the hashed password and the session ID. These fields are now explicitly unset in version 5.7.15. Users are adv...
Shopware Shopware
7.2
CVSSv3
CVE-2022-36102
Shopware is an open source e-commerce software. In affected versions if backend admin controllers are called with a certain notation, the ACL could be bypassed. Users could execute actions, which they are normally not able to do. Users are advised to update to the current version...
Shopware Shopware
5.4
CVSSv3
CVE-2022-31148
Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting (XSS) vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater...
Shopware Shopware
8.8
CVSSv3
CVE-2022-28944
Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2....
Emcosoftware Network Inventory 5.8.22
Emcosoftware Network Software Scanner 2.0.8
Emcosoftware Unlock It 6.1.1
Emcosoftware Remote Shutdown 7.2.2
Emcosoftware Ping Monitor 8.0.18
Emcosoftware Msi Package Builder 9.1.4
Emcosoftware Remote Installer 6.0.13
Emcosoftware Wakeonlan 2.0.8
1 Github repository
7.8
CVSSv3
CVE-2020-5674
Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an malicious user to gain privileges via a Trojan horse DLL in an unspecified directory.
Epson Album Print -
Epson Color Calibration Utility -
Epson Colorbase -
Epson Colorio Easy Print -
Epson Connect -
Epson Creativity Suite -
Epson E-photo -
Epson Easy Photo Print -
Epson Easy Settings -
Epson Imaging Workshop -
Epson Link2 -
Epson Multi-print Quicker -
Epson Net Config -
Epson Net Config Se -
Epson Net Print -
Epson Net Software Development Kit -
Epson Photolier -
Epson Photoquicker -
Epson Photostarter 3.1
Epson Pm-t990 Integrated Installer -
Epson Print -
Epson Print Image Framer Tool -
9.8
CVSSv3
CVE-2019-18847
Enterprise Access Client Auto-Updater allows for Remote Code Execution prior to version 2.0.1.
Akamai Enterprise Application Access
6.6
CVSSv3
CVE-2020-12431
A Windows privilege change issue exists in Splashtop Software Updater prior to 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directorie...
Splashtop Software Updater
Splashtop Streamer
7.8
CVSSv3
CVE-2020-12463
An elevation of privilege vulnerability exists in Avira Software Updater prior to 2.0.6.27476 due to improperly handling file hard links. This allows local users to obtain take control of arbitrary files.
Avira Software Updater
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »