Vulnerabilities > Notepad Plus Plus
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-30 | CVE-2023-47452 | Uncontrolled Search Path Element vulnerability in Notepad-Plus-Plus Notepad++ 6.5 An Untrusted search path vulnerability in notepad++ 6.5 allows local users to gain escalated privileges through the msimg32.dll file in the current working directory. | 7.8 |
| 2023-11-30 | CVE-2023-6401 | Uncontrolled Search Path Element vulnerability in Notepad-Plus-Plus Notepad++ A vulnerability classified as problematic was found in NotePad++ up to 8.1. | 7.8 |
| 2023-08-25 | CVE-2023-40164 | Classic Buffer Overflow vulnerability in Notepad-Plus-Plus Notepad++ Notepad++ is a free and open-source source code editor. | 5.5 |
| 2023-08-25 | CVE-2023-40166 | Heap-based Buffer Overflow vulnerability in Notepad-Plus-Plus Notepad++ Notepad++ is a free and open-source source code editor. | 5.5 |
| 2023-08-25 | CVE-2023-40031 | Heap-based Buffer Overflow vulnerability in Notepad-Plus-Plus Notepad++ Notepad++ is a free and open-source source code editor. | 7.8 |
| 2023-08-25 | CVE-2023-40036 | Classic Buffer Overflow vulnerability in Notepad-Plus-Plus Notepad++ Notepad++ is a free and open-source source code editor. | 5.5 |
| 2023-02-01 | CVE-2022-31902 | Out-of-bounds Write vulnerability in Notepad-Plus-Plus Notepad++ Notepad++ v8.4.1 was discovered to contain a stack overflow via the component Finder::add(). | 5.5 |
| 2023-01-19 | CVE-2022-31901 | Out-of-bounds Write vulnerability in Notepad-Plus-Plus Notepad++ Buffer overflow in function Notepad_plus::addHotSpot in Notepad++ v8.4.3 and earlier allows attackers to crash the application via two crafted files. | 6.5 |
| 2022-09-28 | CVE-2022-32168 | Uncontrolled Search Path Element vulnerability in Notepad-Plus-Plus Notepad++ Notepad++ versions 8.4.1 and before are vulnerable to DLL hijacking where an attacker can replace the vulnerable dll (UxTheme.dll) with his own dll and run arbitrary code in the context of Notepad++. | 7.8 |
| 2019-09-14 | CVE-2019-16294 | Out-of-bounds Write vulnerability in multiple products SciLexer.dll in Scintilla in Notepad++ (x64) before 7.7 allows remote code execution or denial of service via Unicode characters in a crafted .ml file. | 7.8 |