Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
software updater vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2019-12574
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v1.0 for Windows could allow an authenticated, local malicious user to run arbitrary code with elevated privileges. The PIA client is vulnerable to a DLL injection vulnerability during the software...
Londontrustmedia Private Internet Access Vpn Client 1.0
828
VMScore
CVE-2017-6466
F-Secure Software Updater 2.20, as distributed in several F-Secure products, downloads installation packages over plain http and does not perform file integrity validation after download. Man-in-the-middle attackers can replace the file with their own executable which will be exe...
F-secure Software Updater 2.20
725
VMScore
CVE-2018-6084
Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS before 66.0.3359.117 allowed a local malicious user to execute arbitrary code via an executable file.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
1 EDB exploit
668
VMScore
CVE-2019-18847
Enterprise Access Client Auto-Updater allows for Remote Code Execution prior to version 2.0.1.
Akamai Enterprise Application Access
605
VMScore
CVE-2022-28944
Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2....
Emcosoftware Network Inventory 5.8.22
Emcosoftware Network Software Scanner 2.0.8
Emcosoftware Unlock It 6.1.1
Emcosoftware Remote Shutdown 7.2.2
Emcosoftware Ping Monitor 8.0.18
Emcosoftware Msi Package Builder 9.1.4
Emcosoftware Remote Installer 6.0.13
Emcosoftware Wakeonlan 2.0.8
1 Github repository
605
VMScore
CVE-2015-0209
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL prior to 0.9.8zf, 1.0.0 prior to 1.0.0r, 1.0.1 prior to 1.0.1m, and 1.0.2 prior to 1.0.2a might allow remote malicious users to cause a denial of service (memory corruption and applica...
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.0n
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0p
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.0o
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.0k
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1e
561
VMScore
CVE-2020-12431
A Windows privilege change issue exists in Splashtop Software Updater prior to 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directorie...
Splashtop Software Updater
Splashtop Streamer
446
VMScore
CVE-2015-0291
The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 prior to 1.0.2a allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) by using an invalid signature_algorithms extension in the ClientHello message during a renegotiation.
Openssl Openssl 1.0.2
3 Github repositories
2 Articles
445
VMScore
CVE-2015-0207
The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 prior to 1.0.2a does not properly isolate the state information of independent data streams, which allows remote malicious users to cause a denial of service (application crash) via crafted DTLS traffic, as demonstrated by DT...
Openssl Openssl 1.0.2
445
VMScore
CVE-2015-0290
The multi-block feature in the ssl3_write_bytes function in s3_pkt.c in OpenSSL 1.0.2 prior to 1.0.2a on 64-bit x86 platforms with AES NI support does not properly handle certain non-blocking I/O cases, which allows remote malicious users to cause a denial of service (pointer cor...
Openssl Openssl 1.0.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »