Known Vulnerabilities for products from Nullsoft
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Nullsoft".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-37378 json | Nullsoft Scriptable Install System (NSIS) before 3.09 mishandles access control for an uninstaller directory. | 5.3 - MEDIUM | 2023-07-03 | 2023-11-07 |
| CVE-2015-9268 json | Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe implicit linking against Version.dll. In other words, there ... | 7.8 - HIGH | 2018-10-01 | 2021-03-15 |
| CVE-2015-9267 json | Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to ... | 5.5 - MEDIUM | 2018-10-01 | 2021-03-15 |
| CVE-2014-3442 json | Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .... | 4.3 - MEDIUM | 2014-05-23 | 2017-08-29 |
| CVE-2013-4694 json | Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of s... | 7.5 - HIGH | 2014-04-16 | 2017-08-29 |
| CVE-2012-4045 json | Multiple heap-based buffer overflows in bmp.w5s in Winamp before 5.63 build 3235 allow remote attackers to execute arbitrary ... | 7.5 - HIGH | 2012-07-22 | 2017-09-19 |
| CVE-2012-3890 json | The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (heap memory corruption) or poss... | 6.8 - MEDIUM | 2012-07-11 | 2017-09-19 |
| CVE-2012-3889 json | The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (memory corruption) or possibly ... | 6.8 - MEDIUM | 2012-07-11 | 2017-09-19 |
| CVE-2011-4857 json | Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code ... | 10 - HIGH | 2011-12-16 | 2017-09-19 |
| CVE-2011-3834 json | Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code v... | 9.3 - HIGH | 2011-12-16 | 2017-09-19 |
| CVE-2010-4374 json | The in_mkv plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via a Matrosk... | 4.3 - MEDIUM | 2010-12-02 | 2017-09-19 |
| CVE-2010-4373 json | The in_mp4 plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via crafted (... | 4.3 - MEDIUM | 2010-12-02 | 2017-09-19 |
| CVE-2010-4372 json | Integer overflow in the in_nsv plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors ... | 9.3 - HIGH | 2010-12-02 | 2017-09-19 |
| CVE-2010-4371 json | Buffer overflow in the in_mod plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors r... | 9.3 - HIGH | 2010-12-02 | 2017-09-19 |
| CVE-2010-4370 json | Multiple integer overflows in the in_midi plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a ... | 9.3 - HIGH | 2010-12-02 | 2018-10-10 |
| CVE-2010-3137 json | Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly r... | 9.3 - HIGH | 2010-08-26 | 2017-09-19 |
| CVE-2010-2586 json | Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote attackers to execute arbitrar... | 9.3 - HIGH | 2010-12-02 | 2018-10-10 |
| CVE-2010-1523 json | Multiple heap-based buffer overflows in vp6.w5s (aka the VP6 codec) in Winamp before 5.59 Beta build 3033 might allow remote ... | 9.3 - HIGH | 2010-11-06 | 2018-10-10 |
| CVE-2009-4356 json | Multiple integer overflows in the jpeg.w5s and png.w5s filters in Winamp before 5.57 allow remote attackers to execute arbitr... | 9.3 - HIGH | 2009-12-18 | 2018-10-10 |
| CVE-2009-3997 json | Integer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57 might allow remote attackers to execute... | 9.3 - HIGH | 2009-12-18 | 2018-10-10 |
Known software with vulnerabilities from Nullsoft
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Nullsoft | Nullsoft Install System | 2.30 |
| Application | Nullsoft | Nullsoft Scriptable Install System | 2.0 |
| Application | Nullsoft | Winamp | 0.20a |