Filtered by vendor Nullsoft Subscriptions
Filtered by product Nullsoft Scriptable Install System Subscriptions
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2026-42171 1 Nullsoft 1 Nullsoft Scriptable Install System 2026-04-28 7.8 High
NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges (if they can cause my_GetTempFileName to return 0, as shown in the references).
CVE-2025-43715 1 Nullsoft 1 Nullsoft Scriptable Install System 2026-04-15 8.1 High
Nullsoft Scriptable Install System (NSIS) before 3.11 on Windows allows local users to escalate privileges to SYSTEM during an installation, because the temporary plugins directory is created under %WINDIR%\temp and unprivileged users can place a crafted executable file by winning a race condition. This occurs because EW_CREATEDIR does not always set the CreateRestrictedDirectory error flag.
CVE-2023-37378 1 Nullsoft 1 Nullsoft Scriptable Install System 2024-11-21 5.3 Medium
Nullsoft Scriptable Install System (NSIS) before 3.09 mishandles access control for an uninstaller directory.
CVE-2015-9268 2 Debian, Nullsoft 2 Debian Linux, Nullsoft Scriptable Install System 2024-11-21 7.8 High
Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe implicit linking against Version.dll. In other words, there is no protection mechanism in which a wrapper function resolves the dependency at an appropriate time during runtime.
CVE-2015-9267 2 Debian, Nullsoft 2 Debian Linux, Nullsoft Scriptable Install System 2024-11-21 5.5 Medium
Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program.