This page aggregates publicly disclosed CVE and security risk information related to minitool, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-38356 | MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack. | [email protected] | 8.1 | 5.97% | 2023-09-19 | 2024-11-21 |
| CVE-2023-38355 | MiniTool Movie Maker 7.0 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack. | [email protected] | 8.1 | 5.97% | 2023-09-19 | 2024-11-21 |
| CVE-2023-38354 | MiniTool Shadow Maker version 4.1 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack. | [email protected] | 8.1 | 5.97% | 2023-09-19 | 2024-11-21 |
| CVE-2023-38353 | MiniTool Power Data Recovery version 11.6 and before contains an insecure in-app payment system that allows attackers to steal highly sensitive information through a man in the middle attack. | [email protected] | 5.9 | 0.19% | 2023-09-19 | 2024-11-21 |
| CVE-2023-38352 | MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack. | [email protected] | 8.1 | 5.97% | 2023-09-19 | 2024-11-21 |
| CVE-2023-38351 | MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack. | [email protected] | 8.1 | 5.97% | 2023-09-19 | 2024-11-21 |
| CVE-2022-29320 | MiniTool Partition Wizard v12.0 contains an unquoted service path which allows attackers to escalate privileges to the system level. | [email protected] | 7.8 | 0.13% | 2022-05-20 | 2024-11-21 |