Vulnerabilities (CVE)

Filtered by vendor Nomachine Subscribe
Filtered by product Nomachine
Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-39107 2 Apple, Nomachine 2 Macos, Nomachine 2024-11-21 N/A 9.1 CRITICAL
An arbitrary file overwrite vulnerability in NoMachine Free Edition and Enterprise Client for macOS before v8.8.1 allows attackers to overwrite root-owned files by using hardlinks.
CVE-2022-48074 1 Nomachine 1 Nomachine 2024-11-21 N/A 5.3 MEDIUM
An issue in NoMachine before v8.2.3 allows attackers to execute arbitrary commands via a crafted .nxs file.
CVE-2022-34043 1 Nomachine 1 Nomachine 2024-11-21 4.4 MEDIUM 7.3 HIGH
Incorrect permissions for the folder C:\ProgramData\NoMachine\var\uninstall of Nomachine v7.9.2 allows attackers to perform a DLL hijacking attack and execute arbitrary code.
CVE-2021-33436 2 Microsoft, Nomachine 2 Windows, Nomachine 2024-11-21 6.2 MEDIUM 7.3 HIGH
NoMachine for Windows prior to version 6.15.1 and 7.5.2 suffer from local privilege escalation due to the lack of safe DLL loading. This vulnerability allows local non-privileged users to perform DLL Hijacking via any writable directory listed under the system path and ultimately execute code as NT AUTHORITY\SYSTEM.
CVE-2018-6947 2 Microsoft, Nomachine 4 Windows 10, Windows 7, Windows 8 and 1 more 2024-11-21 7.2 HIGH 7.8 HIGH
An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and earlier allows a local low privileged user to gain elevation of privileges on Windows 7 (32 and 64bit), and denial of service for Windows 8 and 10.
CVE-2018-20029 3 Dokan-dev, Microsoft, Nomachine 3 Dokanfs, Windows 10, Nomachine 2024-11-21 4.9 MEDIUM 5.5 MEDIUM
The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows local users to cause a denial of service (BSOD) because uninitialized memory can be read.
CVE-2018-17980 1 Nomachine 1 Nomachine 2024-11-21 6.8 MEDIUM 7.8 HIGH
NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where the .nxs file and the DLL are in the current working directory, and the Trojan horse code is executed. (The directory could, in general, be on a local filesystem or a network share.).
CVE-2018-0664 1 Nomachine 1 Nomachine 2024-11-21 7.5 HIGH 9.8 CRITICAL
A vulnerability in NoMachine App for Android 5.0.63 and earlier allows attackers to alter environment variables via unspecified vectors.
CVE-2017-12763 3 Apple, Linux, Nomachine 3 Mac Os X, Linux Kernel, Nomachine 2024-11-21 9.0 HIGH 8.8 HIGH
An unspecified server utility in NoMachine before 5.3.10 on Mac OS X and Linux allows authenticated users to gain privileges by gaining access to local files.