Nomachine Nomachine

Do you want an email whenever new security vulnerabilities are reported in Nomachine?

By the Year

In 2024 there have been 0 vulnerabilities in Nomachine . Last year Nomachine had 1 security vulnerability published. Right now, Nomachine is on track to have less security vulnerabilities in 2024 than it did last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 1 5.30
2022 1 7.30
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 3 8.47

It may take a day or so for new Nomachine vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Nomachine Security Vulnerabilities

An issue in NoMachine before v8.2.3

CVE-2022-48074 5.3 - Medium - February 03, 2023

An issue in NoMachine before v8.2.3 allows attackers to execute arbitrary commands via a crafted .nxs file.

Incorrect permissions for the folder C:\ProgramData\NoMachine\var\uninstall of Nomachine v7.9.2

CVE-2022-34043 7.3 - High - June 29, 2022

Incorrect permissions for the folder C:\ProgramData\NoMachine\var\uninstall of Nomachine v7.9.2 allows attackers to perform a DLL hijacking attack and execute arbitrary code.

Incorrect Permission Assignment for Critical Resource

NoMachine before 5.3.27 and 6.x before 6.3.6

CVE-2018-17980 7.8 - High - October 15, 2018

NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where the .nxs file and the DLL are in the current working directory, and the Trojan horse code is executed. (The directory could, in general, be on a local filesystem or a network share.).

Untrusted Path

A vulnerability in NoMachine App for Android 5.0.63 and earlier

CVE-2018-0664 9.8 - Critical - September 04, 2018

A vulnerability in NoMachine App for Android 5.0.63 and earlier allows attackers to alter environment variables via unspecified vectors.

Improper Input Validation

An uninitialised stack variable in the nxfuse component

CVE-2018-6947 7.8 - High - February 28, 2018

An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and earlier allows a local low privileged user to gain elevation of privileges on Windows 7 (32 and 64bit), and denial of service for Windows 8 and 10.

Improper Initialization

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Windows 8 or by Nomachine? Click the Watch button to subscribe.

Nomachine
Vendor

Nomachine
Product

subscribe