Search
Search Results (9 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-15475 | 1 Minitool | 1 Partition Wizard | 2026-07-12 | 5.3 Medium |
| A weakness has been identified in MiniTool Partition Wizard up to 13.6. The affected element is an unknown function in the library pwdrvio.sys of the component Signed Kernel Driver. This manipulation causes improper access controls. The attack can only be executed locally. The exploit has been made available to the public and could be used for attacks. Upgrading to version 13.9 is sufficient to fix this issue. The affected component should be upgraded. The vendor was contacted early about this disclosure. | ||||
| CVE-2020-36953 | 1 Minitool | 1 Shadowmaker | 2026-04-15 | 7.8 High |
| MiniTool ShadowMaker 3.2 contains an unquoted service path vulnerability in the MTAgentService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\MiniTool ShadowMaker\AgentService.exe' to inject malicious executables and escalate privileges. | ||||
| CVE-2023-38356 | 1 Minitool | 1 Power Data Recovery | 2024-11-21 | 8.1 High |
| MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack. | ||||
| CVE-2023-38355 | 1 Minitool | 1 Movie Maker | 2024-11-21 | 8.1 High |
| MiniTool Movie Maker 7.0 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack. | ||||
| CVE-2023-38354 | 1 Minitool | 1 Shadowmaker | 2024-11-21 | 8.1 High |
| MiniTool Shadow Maker version 4.1 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack. | ||||
| CVE-2023-38353 | 1 Minitool | 1 Power Data Recovery | 2024-11-21 | 5.9 Medium |
| MiniTool Power Data Recovery version 11.6 and before contains an insecure in-app payment system that allows attackers to steal highly sensitive information through a man in the middle attack. | ||||
| CVE-2023-38352 | 1 Minitool | 1 Partition Wizard | 2024-11-21 | 8.1 High |
| MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack. | ||||
| CVE-2023-38351 | 1 Minitool | 1 Partition Wizard | 2024-11-21 | 8.1 High |
| MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack. | ||||
| CVE-2022-29320 | 1 Minitool | 1 Partition Wizard | 2024-11-21 | 7.8 High |
| MiniTool Partition Wizard v12.0 contains an unquoted service path which allows attackers to escalate privileges to the system level. | ||||
Page 1 of 1.