79 matches found
CVE-2023-38353
Affected software: MiniTool Power Data Recovery, version 11.6 and earlier. Vulnerability: insecure in-app payment system that enables a man-in-the-middle attack to exfiltrate highly sensitive information. Impact: information disclosure due to compromised payment flow; no other impacts stated. Roo...
CVE-2023-38354
CVE-2023-38354 affects MiniTool Shadow Maker version 4.1. The vulnerability arises from an insecure installation process that can enable a remote code execution via a man-in-the-middle attack. The available sources (NVD/Red Hat/CVE catalogs) describe the issue and its exploitability in terms of a...
CVE-2023-38355
The CVE-2023-38355 entry concerns MiniTool Movie Maker 7.0, where an insecure installation process enables remote code execution via a man‑in‑the‑middle (MITM) attack. Affected versions span 6.1.0 to 7.0, with mitigations suggesting upgrades to versions later than 7.0 for 7.0 and later than 7.0 f...
CVE-2023-38356
CVE-2023-38356 affects MiniTool Power Data Recovery 11.6. The vulnerability arises from an insecure installation process that enables a man-in-the-middle attack to achieve remote code execution. Documents from multiple sources confirm the issue and its impact (RCE via MITM) and consistently cite ...
CVE-2023-38356
MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack...
CVE-2023-38352
MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack...
CVE-2023-38353
MiniTool Power Data Recovery version 11.6 and before contains an insecure in-app payment system that allows attackers to steal highly sensitive information through a man in the middle attack...
CVE-2023-38354
MiniTool Shadow Maker version 4.1 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack...
CVE-2023-38351
MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack...
CVE-2023-38355
MiniTool Movie Maker 7.0 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack...
CVE-2023-38351
MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack...
CVE-2023-38353
MiniTool Power Data Recovery version 11.6 and before contains an insecure in-app payment system that allows attackers to steal highly sensitive information through a man in the middle attack...
CVE-2023-38354
MiniTool Shadow Maker version 4.1 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack...
CVE-2023-38356
MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack...
PT-2023-26378 · Minitool · Minitool Partition Wizard
Name of the Vulnerable Software and Affected Versions: MiniTool Partition Wizard version 12.8 Description: The issue is related to an insecure installation mechanism in MiniTool Partition Wizard, which allows attackers to achieve remote code execution through a man-in-the-middle attack...
PT-2023-26381 · Minitool · Minitool Movie Maker
Name of the Vulnerable Software and Affected Versions: MiniTool Movie Maker version 4.1 Description: The issue is related to an insecure installation process in MiniTool Movie Maker, which allows attackers to achieve remote code execution through a man-in-the-middle attack. Recommendations: For...
CVE-2023-38352
MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack...
CVE-2023-38355
MiniTool Movie Maker 7.0 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack...
PT-2023-26379 · Minitool · Minitool Partition Wizard
Name of the Vulnerable Software and Affected Versions: MiniTool Partition Wizard version 12.8 Description: The issue is related to an insecure update mechanism in MiniTool Partition Wizard, which can be exploited by attackers to achieve remote code execution through a man-in-the-middle attack...
PT-2023-26380 · Minitool · Minitool Power Data Recovery
Name of the Vulnerable Software and Affected Versions: MiniTool Power Data Recovery versions 11.6 and before MiniTool Power Data Recovery version 11.5 Description: The issue concerns an insecure in-app payment system in MiniTool Power Data Recovery, which can be exploited through a...