Nomachine: >> Nomachine Security Vulnerabilities
NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where the .nxs file and the DLL are in the current working directory, and the Trojan horse code is executed. (The directory could, in general, be on a local filesystem or a network share.).
CVSS Score
7.8
EPSS Score
0.037
Published
2018-10-15
A vulnerability in NoMachine App for Android 5.0.63 and earlier allows attackers to alter environment variables via unspecified vectors.
CVSS Score
9.8
EPSS Score
0.005
Published
2018-09-04
An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and earlier allows a local low privileged user to gain elevation of privileges on Windows 7 (32 and 64bit), and denial of service for Windows 8 and 10.
CVSS Score
7.8
EPSS Score
0.018
Published
2018-02-28
An unspecified server utility in NoMachine before 5.3.10 on Mac OS X and Linux allows authenticated users to gain privileges by gaining access to local files.
CVSS Score
8.8
EPSS Score
0.051
Published
2017-08-29
Page 2