Vulnerabilities > Nullsoft > Nullsoft Scriptable Install System > 2.41

DATE CVE VULNERABILITY TITLE RISK
2023-07-03 CVE-2023-37378 Unspecified vulnerability in Nullsoft Scriptable Install System
Nullsoft Scriptable Install System (NSIS) before 3.09 mishandles access control for an uninstaller directory.
network
low complexity
nullsoft
5.3
2018-10-01 CVE-2015-9268 Improper Input Validation vulnerability in multiple products
Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe implicit linking against Version.dll.
network
nullsoft debian CWE-20
critical
9.3
2018-10-01 CVE-2015-9267 Improper Privilege Management vulnerability in multiple products
Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files.
local
low complexity
nullsoft debian CWE-269
3.6