Vulnerabilities > Nomachine > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-03 | CVE-2022-48074 | Unspecified vulnerability in Nomachine An issue in NoMachine before v8.2.3 allows attackers to execute arbitrary commands via a crafted .nxs file. | 5.3 |
| 2022-04-28 | CVE-2021-33436 | Unspecified vulnerability in Nomachine NoMachine for Windows prior to version 6.15.1 and 7.5.2 suffer from local privilege escalation due to the lack of safe DLL loading. | 6.2 |
| 2018-12-10 | CVE-2018-20029 | Use of Uninitialized Resource vulnerability in multiple products The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows local users to cause a denial of service (BSOD) because uninitialized memory can be read. | 4.9 |
| 2018-10-15 | CVE-2018-17980 | Untrusted Search Path vulnerability in Nomachine NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where the .nxs file and the DLL are in the current working directory, and the Trojan horse code is executed. | 6.8 |
| 2012-09-19 | CVE-2012-5003 | Improper Authentication vulnerability in Nomachine NX web Companion nxapplet.jar in No Machine NX Web Companion 3.x and earlier does not properly verify the authenticity of updates, which allows user-assisted remote attackers to execute arbitrary code via a crafted (1) SiteUrl or (2) RedirectUrl parameter that points to a Trojan Horse client.zip update file. | 6.8 |
| 2007-01-31 | CVE-2007-0625 | Remote Denial Of Service vulnerability in NoMachine NX Server NXCONFIGURE.SH nxconfigure.sh in NoMachine NX Server before 2.1.0-18 does not validate the invoking user, which allows local users to modify server configuration keys in /usr/NX/etc/server.cfg, resulting in an unspecified denial of service. | 4.9 |