3 results (0.002 seconds)

CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 1

An arbitrary file overwrite vulnerability in NoMachine Free Edition and Enterprise Client for macOS before v8.8.1 allows attackers to overwrite root-owned files by using hardlinks. Una vulnerabilidad de sobrescritura arbitraria de archivos en NoMachine Free Edition y Enterprise Client para macOS antes de v8.8.1 permite a los atacantes sobrescribir archivos propiedad de root mediante el uso de hardlinks. • https://kb.nomachine.com/SU07U00247 https://kb.nomachine.com/TR07U10948 https://www.ns-echo.com/posts/nomachine_afo.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

An issue in NoMachine before v8.2.3 allows attackers to execute arbitrary commands via a crafted .nxs file. • https://kb.nomachine.com/SU11T00239 •

CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 1

Incorrect permissions for the folder C:\ProgramData\NoMachine\var\uninstall of Nomachine v7.9.2 allows attackers to perform a DLL hijacking attack and execute arbitrary code. Unos permisos incorrectos para la carpeta C:\ProgramData\NSinMachine\Ndesinstalación de Nomachine versión v7.9.2, permite a atacantes llevar a cabo un ataque de secuestro de DLL y ejecutar código arbitrario • https://github.com/ycdxsb/Vuln/tree/main/Nomachine-Incorrect-Folder-Permission • CWE-732: Incorrect Permission Assignment for Critical Resource •