Minitool CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (8 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2020-36953	1 Minitool	1 Shadowmaker	2026-01-27	7.8 High
MiniTool ShadowMaker 3.2 contains an unquoted service path vulnerability in the MTAgentService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\MiniTool ShadowMaker\AgentService.exe' to inject malicious executables and escalate privileges.
CVE-2023-38356	1 Minitool	1 Power Data Recovery	2024-11-21	8.1 High
MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.
CVE-2023-38355	1 Minitool	1 Movie Maker	2024-11-21	8.1 High
MiniTool Movie Maker 7.0 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.
CVE-2023-38354	1 Minitool	1 Shadowmaker	2024-11-21	8.1 High
MiniTool Shadow Maker version 4.1 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.
CVE-2023-38353	1 Minitool	1 Power Data Recovery	2024-11-21	5.9 Medium
MiniTool Power Data Recovery version 11.6 and before contains an insecure in-app payment system that allows attackers to steal highly sensitive information through a man in the middle attack.
CVE-2023-38352	1 Minitool	1 Partition Wizard	2024-11-21	8.1 High
MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack.
CVE-2023-38351	1 Minitool	1 Partition Wizard	2024-11-21	8.1 High
MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack.
CVE-2022-29320	1 Minitool	1 Partition Wizard	2024-11-21	7.8 High
MiniTool Partition Wizard v12.0 contains an unquoted service path which allows attackers to escalate privileges to the system level.

Page 1 of 1.