Wondershare: Security Vulnerabilities
A vulnerability, which was classified as critical, has been found in Wondershare Filmora 14.5.16. Affected by this issue is some unknown functionality in the library CRYPTBASE.dll of the file NFWCHK.exe of the component Installer. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
7.0
EPSS Score
0.0
Published
2025-05-26
Wondershare filmora 9.2.11 is affected by Trojan Dll hijacking leading to privilege escalation.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-03-04
A remote code execution vulnerability in the project management of Wanxing Technology's Yitu project which allows an attacker to use the exp.adpx file as a zip compressed file to construct a special file name, which can be used to decompress the project file into the system startup folder, restart the system, and automatically execute the constructed attack script.
CVSS Score
3.3
EPSS Score
0.008
Published
2024-10-02
Insecure Permissions vulnerability in Wondershare Filmora v.13.0.51 allows a local attacker to execute arbitrary code via a crafted script to the WSNativePushService.exe
CVSS Score
7.8
EPSS Score
0.001
Published
2024-04-08
Insecure permissions in MobileTrans v4.0.11 allows attackers to escalate privileges to local admin via replacing the executable file.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-05-24
Wondershare Filmora 12 (Build 12.2.1.2088) was discovered to contain an unquoted service path vulnerability via the component NativePushService. This vulnerability allows attackers to launch processes with elevated privileges.
CVSS Score
7.8
EPSS Score
0.009
Published
2023-05-23
Insecure Permission vulnerability found in Wondershare Dr.Fone v.12.9.6 allows a remote attacker to escalate privileges via the service permission function.
CVSS Score
7.8
EPSS Score
0.002
Published
2023-04-26
An issue found in Wondershare Technology Co, Ltd Edrawmind v.10.0.6 allows a remote attacker to executea arbitrary commands via the WindowsCodescs.dll file.
CVSS Score
7.8
EPSS Score
0.002
Published
2023-04-04
An issue found in Wondershare Technology Co, Ltd Filmora v.12.0.9 allows a remote attacker to execute arbitrary commands via the filmora_setup_full846.exe.
CVSS Score
7.8
EPSS Score
0.002
Published
2023-04-04
An issue found in Wondershare Technology Co., Ltd UniConverter v.14.0.0 allows a remote attacker to execute arbitrary commands via the uniconverter14_64bit_setup_full14204.exe file.
CVSS Score
7.8
EPSS Score
0.002
Published
2023-04-04
Page 1