VYPR

Nomachine

by Nomachine

CVEs (15)

  • CVE-2017-12763HigAug 29, 2017
    risk 0.61cvss 8.8epss 0.04

    An unspecified server utility in NoMachine before 5.3.10 on Mac OS X and Linux allows authenticated users to gain privileges by gaining access to local files.

  • CVE-2018-6947HigFeb 28, 2018
    risk 0.54cvss 7.8epss 0.03

    An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and earlier allows a local low privileged user to gain elevation of privileges on Windows 7 (32 and 64bit), and denial of service for Windows 8…

  • CVE-2026-5055HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.00

    NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2026-5054HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.00

    NoMachine External Control of File Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2026-53694HigJun 10, 2026
    risk 0.47cvss epss 0.00

    Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Nomachine allows Argument Injection.This issue affects Nomachine: before 9.5.7, before 8.23.2.

  • CVE-2026-5053HigApr 11, 2026
    risk 0.46cvss 7.1epss 0.00

    NoMachine External Control of File Path Arbitrary File Deletion Vulnerability. This vulnerability allows local attackers to delete arbitrary files on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2018-17980Oct 15, 2018
    risk 0.03cvss epss 0.05

    NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where the .nxs file and the DLL are in the current working directory, and the Trojan…

  • CVE-2025-8614Sep 2, 2025
    risk 0.00cvss epss 0.00

    NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2024-7253Nov 22, 2024
    risk 0.00cvss epss 0.00

    NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2022-48074Feb 3, 2023
    risk 0.00cvss epss 0.00

    An issue in NoMachine before v8.2.3 allows attackers to execute arbitrary commands via a crafted .nxs file.

  • CVE-2022-34043Jun 29, 2022
    risk 0.00cvss epss 0.00

    Incorrect permissions for the folder C:\ProgramData\NoMachine\var\uninstall of Nomachine v7.9.2 allows attackers to perform a DLL hijacking attack and execute arbitrary code.

  • CVE-2021-33436Apr 28, 2022
    risk 0.00cvss epss 0.00

    NoMachine for Windows prior to version 6.15.1 and 7.5.2 suffer from local privilege escalation due to the lack of safe DLL loading. This vulnerability allows local non-privileged users to perform DLL Hijacking via any writable directory listed under the system path and…

  • CVE-2021-42973Dec 7, 2021
    risk 0.00cvss epss 0.00

    NoMachine Server is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O…

  • CVE-2021-42972Dec 7, 2021
    risk 0.00cvss epss 0.00

    NoMachine Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O…

  • CVE-2018-20029Dec 10, 2018
    risk 0.00cvss epss 0.00

    The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows local users to cause a denial of service (BSOD) because uninitialized memory can be read.