PT-2024-17316 · Rizone Soft · Notepad3

Name of the Vulnerable Software and Affected Versions: Rizone Soft Notepad3 version 1.0.2.350 Description: A problematic issue was found in the Encryption Passphrase Handler component, affecting an unknown function. This issue leads to denial of service and requires local attacking. The exploit h...

CVE-2023-47452

An Untrusted search path vulnerability in notepad++ 6.5 allows local users to gain escalated privileges through the msimg32.dll file in the current working directory...

CVE-2023-47452

An Untrusted search path vulnerability in notepad++ 6.5 allows local users to gain escalated privileges through the msimg32.dll file in the current working directory...

CVE-2023-47452

An Untrusted search path vulnerability in notepad++ 6.5 allows local users to gain escalated privileges through the msimg32.dll file in the current working directory...

Design/Logic Flaw

An Untrusted search path vulnerability in notepad++ 6.5 allows local users to gain escalated privileges through the msimg32.dll file in the current working directory...

CVE-2023-6401

A vulnerability classified as problematic was found in NotePad++ up to 8.1. Affected by this vulnerability is an unknown functionality of the file dbghelp.exe. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The identifier VDB-246421 was assigned to thi...

CVE-2023-6401

A vulnerability classified as problematic was found in NotePad++ up to 8.1. Affected by this vulnerability is an unknown functionality of the file dbghelp.exe. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The identifier VDB-246421 was assigned to thi...

Design/Logic Flaw

A vulnerability classified as problematic was found in NotePad++ up to 8.1. Affected by this vulnerability is an unknown functionality of the file dbghelp.exe. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The identifier VDB-246421 was assigned to thi...

CVE-2023-6401 NotePad++ dbghelp.exe uncontrolled search path

A vulnerability classified as problematic was found in NotePad++ up to 8.1. Affected by this vulnerability is an unknown functionality of the file dbghelp.exe. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The identifier VDB-246421 was assigned to thi...

CVE-2023-6401

CVE-2023-6401 affects NotePad++ up to version 8.1. The vulnerability is DLL search/path hijacking in dbghelp.dll loaded by the application, enabling local attackers to execute arbitrary code. The root cause is an uncontrolled search path that can cause the malicious dbghelp.dll in the application...

CVE-2023-47452

An Untrusted search path vulnerability in notepad++ 6.5 allows local users to gain escalated privileges through the msimg32.dll file in the current working directory...

PT-2023-30454 · Notepad++ · Notepad++

Name of the Vulnerable Software and Affected Versions: notepad++ version 6.5 Description: An Untrusted search path issue allows local users to gain escalated privileges through the msimg32.dll file in the current working directory. Recommendations: For notepad++ version 6.5, consider restricting...

CVE-2023-47452

CVE-2023-47452 affects Notepad++ 6.5; vulnerability is an Untrusted search path allowing local privilege escalation via msimg32.dll loaded from the current working directory. Root cause: loading a system DLL from CWD can override expected DLLs. Impact (as stated): local privilege escalation with ...

Notepad++ Security Vulnerability

Notepad++ is an open source plain text editor by Don Ho, an individual developer in Taiwan, China. A security vulnerability exists in Notepad++ version 6.5, which originates from allowing local users to gain privileges via the msimg32.dll file in the current working directory...

Notepad++ Code Issue Vulnerability

Notepad++ is an open source plain text editor by Don Ho, an individual developer in Taiwan, China. A code issue exists in Notepad++ version 8.1 and prior versions that is caused by an uncontrolled search path...

PT-2023-32639 · Notepad++ · Notepad++

Name of the Vulnerable Software and Affected Versions: NotePad++ versions up to 8.1 Description: A problematic issue was found in NotePad++, affecting an unknown functionality of the file dbghelp.exe. This leads to an uncontrolled search path. The issue can be exploited locally. Recommendations:...

Malvertisers Using Google Ads to Target Users Searching for Popular Software

Details have emerged about a malvertising campaign that leverages Google Ads to direct users searching for popular software to fictitious landing pages and distribute next-stage payloads. Malwarebytes, which discovered the activity, said it's "unique in its way to fingerprint users and distribute...

The forgotten malvertising campaign

In recent weeks, we have noted an increase in malvertising campaigns via Google searches. Several of the threat actors we are tracking have improved their techniques to evade detection throughout the delivery chain. We believe this evolution will have a real world impact among corporate users...

Notepad++ Installed (Windows)

Binary data notepadpluspluswininstalled.nbin...

Vulnerabilities fixed in Notepad++

Vulnerabilities have been fixed in Notepad++. A malicious person could exploit the vulnerabilities to gain access to memory locations to which the malicious party is not authorized, or potentially execute arbitrary code with privileges of the victim. Successful exploitation requires the malicious...