Known Vulnerabilities for products from Nullsoft
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Nullsoft".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2015-9268 | Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe implicit linking against Version.dll. In other words, there ... | 7.8 - HIGH | 2018-10-01 | 2021-03-15 |
| CVE-2015-9267 | Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to ... | 5.5 - MEDIUM | 2018-10-01 | 2021-03-15 |
| CVE-2014-3442 | Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .... | 4.3 - MEDIUM | 2014-05-23 | 2017-08-29 |
| CVE-2013-4694 | Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of s... | 7.5 - HIGH | 2014-04-16 | 2017-08-29 |
| CVE-2012-4045 | Multiple heap-based buffer overflows in bmp.w5s in Winamp before 5.63 build 3235 allow remote attackers to execute arbitrary ... | 7.5 - HIGH | 2012-07-22 | 2017-09-19 |
| CVE-2012-3890 | The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (heap memory corruption) or poss... | 6.8 - MEDIUM | 2012-07-11 | 2017-09-19 |
| CVE-2012-3889 | The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (memory corruption) or possibly ... | 6.8 - MEDIUM | 2012-07-11 | 2017-09-19 |
| CVE-2011-4857 | Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code ... | 10 - HIGH | 2011-12-16 | 2017-09-19 |
| CVE-2011-3834 | Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code v... | 9.3 - HIGH | 2011-12-16 | 2017-09-19 |
| CVE-2010-4374 | The in_mkv plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via a Matrosk... | 4.3 - MEDIUM | 2010-12-02 | 2017-09-19 |
| CVE-2010-4373 | The in_mp4 plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via crafted (... | 4.3 - MEDIUM | 2010-12-02 | 2017-09-19 |
| CVE-2010-4372 | Integer overflow in the in_nsv plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors ... | 9.3 - HIGH | 2010-12-02 | 2017-09-19 |
| CVE-2010-4371 | Buffer overflow in the in_mod plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors r... | 9.3 - HIGH | 2010-12-02 | 2017-09-19 |
| CVE-2010-4370 | Multiple integer overflows in the in_midi plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a ... | 9.3 - HIGH | 2010-12-02 | 2018-10-10 |
| CVE-2010-3137 | Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly r... | 9.3 - HIGH | 2010-08-26 | 2017-09-19 |
| CVE-2010-2586 | Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote attackers to execute arbitrar... | 9.3 - HIGH | 2010-12-02 | 2018-10-10 |
| CVE-2010-1523 | Multiple heap-based buffer overflows in vp6.w5s (aka the VP6 codec) in Winamp before 5.59 Beta build 3033 might allow remote ... | 9.3 - HIGH | 2010-11-06 | 2018-10-10 |
| CVE-2009-4356 | Multiple integer overflows in the jpeg.w5s and png.w5s filters in Winamp before 5.57 allow remote attackers to execute arbitr... | 9.3 - HIGH | 2009-12-18 | 2018-10-10 |
| CVE-2009-3997 | Integer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57 might allow remote attackers to execute... | 9.3 - HIGH | 2009-12-18 | 2018-10-10 |
| CVE-2009-3996 | Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might ... | 9.3 - HIGH | 2009-12-18 | 2018-10-10 |
Known software with vulnerabilities from Nullsoft
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Nullsoft | Nullsoft Install System | 2.30 |
| Application | Nullsoft | Nullsoft Scriptable Install System | 2.0 |
| Application | Nullsoft | Winamp | 0.20a |