Known Vulnerabilities for products from Nullsoft
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Nullsoft".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-42171 json | NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTE... | Not Provided | 2026-04-24 | 2026-05-18 |
| CVE-2023-37378 json | Nullsoft Scriptable Install System (NSIS) before 3.09 mishandles access control for an uninstaller directory. | 5.3 - MEDIUM | 2023-07-03 | 2023-11-07 |
| CVE-2015-9268 json | Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe implicit linking against Version.dll. In other words, there ... | 7.8 - HIGH | 2018-10-01 | 2021-03-15 |
| CVE-2015-9267 json | Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to ... | 5.5 - MEDIUM | 2018-10-01 | 2021-03-15 |
| CVE-2014-3442 json | Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .... | Not Provided | 2014-05-23 | 2026-05-06 |
| CVE-2013-4694 json | Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of s... | Not Provided | 2014-04-16 | 2026-05-06 |
| CVE-2012-4045 json | Multiple heap-based buffer overflows in bmp.w5s in Winamp before 5.63 build 3235 allow remote attackers to execute arbitrary ... | Not Provided | 2012-07-22 | 2026-04-29 |
| CVE-2012-3890 json | The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (heap memory corruption) or poss... | Not Provided | 2012-07-11 | 2026-04-29 |
| CVE-2012-3889 json | The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (memory corruption) or possibly ... | Not Provided | 2012-07-11 | 2026-04-29 |
| CVE-2011-4857 json | Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code ... | Not Provided | 2011-12-16 | 2026-04-29 |
| CVE-2011-3834 json | Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code v... | Not Provided | 2011-12-16 | 2026-04-29 |
| CVE-2010-4374 json | The in_mkv plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via a Matrosk... | Not Provided | 2010-12-02 | 2026-04-29 |
| CVE-2010-4373 json | The in_mp4 plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via crafted (... | Not Provided | 2010-12-02 | 2026-04-29 |
| CVE-2010-4372 json | Integer overflow in the in_nsv plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors ... | Not Provided | 2010-12-02 | 2026-04-29 |
| CVE-2010-4371 json | Buffer overflow in the in_mod plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors r... | Not Provided | 2010-12-02 | 2026-04-29 |
| CVE-2010-4370 json | Multiple integer overflows in the in_midi plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a ... | Not Provided | 2010-12-02 | 2026-04-29 |
| CVE-2010-3137 json | Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly r... | Not Provided | 2010-08-26 | 2026-04-29 |
| CVE-2010-2586 json | Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote attackers to execute arbitrar... | Not Provided | 2010-12-02 | 2026-04-29 |
| CVE-2010-1523 json | Multiple heap-based buffer overflows in vp6.w5s (aka the VP6 codec) in Winamp before 5.59 Beta build 3033 might allow remote ... | Not Provided | 2010-11-06 | 2026-04-29 |
| CVE-2009-4356 json | Multiple integer overflows in the jpeg.w5s and png.w5s filters in Winamp before 5.57 allow remote attackers to execute arbitr... | Not Provided | 2009-12-18 | 2026-04-23 |
Known software with vulnerabilities from Nullsoft
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Nullsoft | Nullsoft Install System | 2.30 |
| Application | Nullsoft | Nullsoft Scriptable Install System | 2.0 |
| Application | Nullsoft | Winamp | 0.20a |