32 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-42171
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NSIS Nullsoft Scriptable Install System 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain...
CVE-2026-42171
NSIS Nullsoft Scriptable Install System 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges if they can cause myGetTempFileName to return 0, as shown in the references...
EUVD-2015-9110
Malware in sbrugna...
EUVD-2023-41280
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-37378
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nullsoft Scriptable Install System NSIS before 3.09 mishandles access control for an uninstaller directory. CVE-2023-37378 Note that Nessus relies on the presen...
Linux Distros Unpatched Vulnerability : CVE-2025-43715
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nullsoft Scriptable Install System NSIS before 3.11 on Windows allows local users to escalate privileges to SYSTEM during an installation, because the temporary...
CVE-2025-43715
Nullsoft Scriptable Install System NSIS before 3.11 on Windows allows local users to escalate privileges to SYSTEM during an installation, because the temporary plugins directory is created under %WINDIR%\temp and unprivileged users can place a crafted executable file by winning a race condition...
UBUNTU-CVE-2025-43715
Nullsoft Scriptable Install System NSIS before 3.11 on Windows allows local users to escalate privileges to SYSTEM during an installation, because the temporary plugins directory is created under %WINDIR%\temp and unprivileged users can place a crafted executable file by winning a race condition...
CVE-2025-43715
CVE-2025-43715 affects the Nullsoft Scriptable Install System (NSIS) prior to 3.11 on Windows. The root cause is that the temporary plugins directory is created under %WINDIR%\temp and an unprivileged user can win a race by placing a crafted executable, because EW_CREATEDIR does not consistently ...
CVE-2025-43715
Nullsoft Scriptable Install System NSIS before 3.11 on Windows allows local users to escalate privileges to SYSTEM during an installation, because the temporary plugins directory is created under %WINDIR%\temp and unprivileged users can place a crafted executable file by winning a race condition...
CVE-2025-43715
Nullsoft Scriptable Install System NSIS before 3.11 on Windows allows local users to escalate privileges to SYSTEM during an installation, because the temporary plugins directory is created under %WINDIR%\temp and unprivileged users can place a crafted executable file by winning a race condition...
Nullsoft Scriptable Install System 安全漏洞
Nullsoft Scriptable Install System is a specialized open source system from the Nullsoft team for creating Windows installers. A security vulnerability exists in Nullsoft Scriptable Install System versions prior to 3.11, which stems from an improperly created temporary plug-in directory that coul...
CVE-2025-43715
Nullsoft Scriptable Install System NSIS before 3.11 on Windows allows local users to escalate privileges to SYSTEM during an installation, because the temporary plugins directory is created under %WINDIR%\temp and unprivileged users can place a crafted executable file by winning a race condition...
Fedora: Security Advisory for mingw-nsis (FEDORA-2023-dfb6cc599f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 38 : mingw-nsis (2023-dfb6cc599f)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-dfb6cc599f advisory. Update to 3.09, fixes CVE-2023-37378. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...
CVE-2023-37378
Nullsoft Scriptable Install System NSIS before 3.09 mishandles access control for an uninstaller directory...
Directory traversal
Nullsoft Scriptable Install System NSIS before 3.09 mishandles access control for an uninstaller directory...
UBUNTU-CVE-2023-37378
Nullsoft Scriptable Install System NSIS before 3.09 mishandles access control for an uninstaller directory...
CVE-2023-37378
Nullsoft Scriptable Install System NSIS before 3.09 mishandles access control for an uninstaller directory...
CVE-2023-37378
Nullsoft Scriptable Install System NSIS before 3.09 mishandles access control for an uninstaller directory...