Vulnerabilities > Nomachine > Nomachine > 6.1.6

DATE CVE VULNERABILITY TITLE RISK
2023-08-04 CVE-2023-39107 Link Following vulnerability in Nomachine
An arbitrary file overwrite vulnerability in NoMachine Free Edition and Enterprise Client for macOS before v8.8.1 allows attackers to overwrite root-owned files by using hardlinks.
network
low complexity
nomachine CWE-59
critical
9.1
2023-02-03 CVE-2022-48074 Unspecified vulnerability in Nomachine
An issue in NoMachine before v8.2.3 allows attackers to execute arbitrary commands via a crafted .nxs file.
local
low complexity
nomachine
5.3
2022-04-28 CVE-2021-33436 Unspecified vulnerability in Nomachine
NoMachine for Windows prior to version 6.15.1 and 7.5.2 suffer from local privilege escalation due to the lack of safe DLL loading.
local
high complexity
nomachine
6.2
2018-12-10 CVE-2018-20029 Use of Uninitialized Resource vulnerability in multiple products
The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows local users to cause a denial of service (BSOD) because uninitialized memory can be read.
local
low complexity
dokan-dev nomachine microsoft CWE-908
4.9
2018-10-15 CVE-2018-17980 Untrusted Search Path vulnerability in Nomachine
NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where the .nxs file and the DLL are in the current working directory, and the Trojan horse code is executed.
network
nomachine CWE-426
6.8