Vulnerabilities > Nomachine

DATE CVE VULNERABILITY TITLE RISK
2021-12-07 CVE-2021-42980 Classic Buffer Overflow vulnerability in Nomachine Cloud Server
NoMachine Cloud Server is affected by Buffer Overflow.
local
low complexity
nomachine CWE-120
8.8
2021-12-07 CVE-2021-42983 Classic Buffer Overflow vulnerability in Nomachine Enterprise Client
NoMachine Enterprise Client is affected by Buffer Overflow.
local
low complexity
nomachine CWE-120
8.8
2021-12-07 CVE-2021-42986 Integer Overflow or Wraparound vulnerability in Nomachine Enterprise Client
NoMachine Enterprise Client is affected by Integer Overflow.
local
low complexity
nomachine CWE-190
8.8
2018-12-10 CVE-2018-20029 Use of Uninitialized Resource vulnerability in multiple products
The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows local users to cause a denial of service (BSOD) because uninitialized memory can be read.
local
low complexity
dokan-dev nomachine CWE-908
5.5
2018-10-15 CVE-2018-17980 Untrusted Search Path vulnerability in Nomachine
NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where the .nxs file and the DLL are in the current working directory, and the Trojan horse code is executed.
local
low complexity
nomachine CWE-426
7.8
2018-09-04 CVE-2018-0664 Improper Input Validation vulnerability in Nomachine 5.0.63
A vulnerability in NoMachine App for Android 5.0.63 and earlier allows attackers to alter environment variables via unspecified vectors.
network
low complexity
nomachine CWE-20
critical
9.8
2018-02-28 CVE-2018-6947 Improper Initialization vulnerability in multiple products
An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and earlier allows a local low privileged user to gain elevation of privileges on Windows 7 (32 and 64bit), and denial of service for Windows 8 and 10.
local
low complexity
nomachine microsoft CWE-665
7.8
2017-08-29 CVE-2017-12763 Incorrect Default Permissions vulnerability in Nomachine
An unspecified server utility in NoMachine before 5.3.10 on Mac OS X and Linux allows authenticated users to gain privileges by gaining access to local files.
network
low complexity
nomachine CWE-276
8.8