Akeo

Rufus

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7

CVE-2026-23988

Exploit
  • EPSS 0%
  • Veröffentlicht 22.01.2026 21:52:26
  • Zuletzt bearbeitet 27.02.2026 14:36:16

Rufus is a utility that helps format and create bootable USB flash drives. Versions 4.11 and below contain a race condition (TOCTOU) in src/net.c during the creation, validation, and execution of the Fido PowerShell script. Since Rufus runs with elev...

7.8

CVE-2019-1010100

  • EPSS 0.39%
  • Veröffentlicht 19.07.2019 16:15:12
  • Zuletzt bearbeitet 21.11.2024 04:17:58

Akeo Consulting Rufus 3.0 and earlier is affected by: DLL search order hijacking. The impact is: Arbitrary code execution WITH escalation of privilege. The component is: Executable installers, portable executables (ALL executables on the web site). T...

9.8

CVE-2019-1010101

  • EPSS 0.34%
  • Veröffentlicht 19.07.2019 16:15:12
  • Zuletzt bearbeitet 21.11.2024 04:17:58

Akeo Consulting Rufus 3.0 and earlier is affected by: Insecure Permissions. The impact is: arbitrary code execution with escalation of privilege. The component is: Executable installer, portable executable (ALL executables available). The attack vect...

8.1

CVE-2017-13083

  • EPSS 0.11%
  • Veröffentlicht 18.10.2017 13:29:00
  • Zuletzt bearbeitet 07.04.2026 13:07:23

Akeo Consulting Rufus prior to version 2.17.1187 does not adequately validate the integrity of updates downloaded over HTTP, allowing an attacker to easily convince a user to execute arbitrary code