NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the NoMachine Device Serve...

EUVD-2012-4927

Malware in sbrugna...

CVE-2023-39107

An arbitrary file overwrite vulnerability in NoMachine Free Edition and Enterprise Client for macOS before v8.8.1 allows attackers to overwrite root-owned files by using hardlinks...

CVE-2021-42980

NoMachine Cloud Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash via specially crafted I/O Request...

Nomachine NoMachine输入验证错误漏洞

NoMachine is a remote desktop access tool from Luxembourg-based NoMachine. NoMachine Enterprise Desktop suffers from a security vulnerability that could be exploited by attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash via specially...

CVE-2012-5003

nxapplet.jar in No Machine NX Web Companion 3.x and earlier does not properly verify the authenticity of updates, which allows user-assisted remote attackers to execute arbitrary code via a crafted 1 SiteUrl or 2 RedirectUrl parameter that points to a Trojan Horse client.zip update file...

Design/Logic Flaw

nxapplet.jar in No Machine NX Web Companion 3.x and earlier does not properly verify the authenticity of updates, which allows user-assisted remote attackers to execute arbitrary code via a crafted 1 SiteUrl or 2 RedirectUrl parameter that points to a Trojan Horse client.zip update file...

CVE-2012-5003

CVE-2012-5003 concerns nxapplet.jar in No Machine NX Web Companion 3.x and earlier. The update authenticity check is insufficient, allowing a user-assisted remote attacker to execute arbitrary code via a crafted (SiteUrl) or (RedirectUrl) parameter that points to a Trojan Horse client.zip update ...

CVE-2012-5003

nxapplet.jar in No Machine NX Web Companion 3.x and earlier does not properly verify the authenticity of updates, which allows user-assisted remote attackers to execute arbitrary code via a crafted 1 SiteUrl or 2 RedirectUrl parameter that points to a Trojan Horse client.zip update file...

NX Server Free Edition, NX Node: Privilege escalation

Background NX Server Free Edition is a remote display technology by No Machine. NX Node provides the shared components for NX Server. Description NX Server Free Edition and NX Node use nxconfigure.sh, a setuid script containing an unspecified vulnerability. Impact A local attacker could gain...