Nomachine
By the Year
In 2024 there have been 0 vulnerabilities in Nomachine . Last year Nomachine had 1 security vulnerability published. Right now, Nomachine is on track to have less security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 1 | 5.30 |
2022 | 1 | 7.30 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 3 | 8.47 |
It may take a day or so for new Nomachine vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Nomachine Security Vulnerabilities
An issue in NoMachine before v8.2.3
CVE-2022-48074
5.3 - Medium
- February 03, 2023
An issue in NoMachine before v8.2.3 allows attackers to execute arbitrary commands via a crafted .nxs file.
Incorrect permissions for the folder C:\ProgramData\NoMachine\var\uninstall of Nomachine v7.9.2
CVE-2022-34043
7.3 - High
- June 29, 2022
Incorrect permissions for the folder C:\ProgramData\NoMachine\var\uninstall of Nomachine v7.9.2 allows attackers to perform a DLL hijacking attack and execute arbitrary code.
Incorrect Permission Assignment for Critical Resource
NoMachine before 5.3.27 and 6.x before 6.3.6
CVE-2018-17980
7.8 - High
- October 15, 2018
NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where the .nxs file and the DLL are in the current working directory, and the Trojan horse code is executed. (The directory could, in general, be on a local filesystem or a network share.).
Untrusted Path
A vulnerability in NoMachine App for Android 5.0.63 and earlier
CVE-2018-0664
9.8 - Critical
- September 04, 2018
A vulnerability in NoMachine App for Android 5.0.63 and earlier allows attackers to alter environment variables via unspecified vectors.
Improper Input Validation
An uninitialised stack variable in the nxfuse component
CVE-2018-6947
7.8 - High
- February 28, 2018
An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and earlier allows a local low privileged user to gain elevation of privileges on Windows 7 (32 and 64bit), and denial of service for Windows 8 and 10.
Improper Initialization