Total
561 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-6593 | 1 Symantec | 1 Vip Access Desktop | 2024-11-21 | 7.8 High |
| A code-execution vulnerability exists during startup in jhi.dll and otpiha.dll in Symantec VIP Access Desktop before 2.2.2, which could let local malicious users execute arbitrary code. | ||||
| CVE-2016-10837 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46). | ||||
| CVE-2014-3860 | 1 Xilisoft | 1 Video Converter | 2024-11-21 | 7.8 High |
| Xilisoft Video Converter Ultimate 7.8.1 build-20140505 has a DLL Hijacking vulnerability | ||||
| CVE-2013-3942 | 1 Daum | 1 Potplayer | 2024-11-21 | 7.8 High |
| Potplayer prior to 1.5.39659: DLL Loading Arbitrary Code Execution Vulnerability | ||||
| CVE-2013-3494 | 1 Umplayer Project | 1 Umplayer | 2024-11-21 | 7.8 High |
| A Code Execution Vulnerability exists in UMPlayer 0.98 in wintab32.dll due to insufficient path restrictions when loading external libraries. which could let a malicious user execute arbitrary code. | ||||
| CVE-2013-2773 | 1 Gonitro | 1 Nitropdf | 2024-11-21 | 7.8 High |
| Nitro PDF 8.5.0.26: A specially crafted DLL file can facilitate Arbitrary Code Execution | ||||
| CVE-2011-4125 | 1 Calibre-ebook | 1 Calibre | 2024-11-21 | 9.8 Critical |
| A untrusted search path issue was found in Calibre at devices/linux_mount_helper.c leading to the ability of unprivileged users to execute any program as root. | ||||
| CVE-2024-36507 | 1 Fortinet | 2 Forticlient, Forticlientwindows | 2024-11-14 | 6.7 Medium |
| A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0 allows an attacker to run arbitrary code via DLL hijacking and social engineering. | ||||
| CVE-2024-9325 | 1 Intelbras | 2 Incontrol, Incontrol Web | 2024-11-04 | 7.8 High |
| A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This affects an unknown part of the file C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. Upgrading to version 2.21.58 is able to address this issue. It is recommended to upgrade the affected component. The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20. | ||||
| CVE-2024-47422 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2024-10-18 | 7.8 High |
| Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious path into the search directories, which the application could unknowingly execute. This could allow the attacker to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction. | ||||
| CVE-2023-32266 | 1 Opentext | 1 Alm Quality Center | 2024-10-18 | N/A |
| Untrusted Search Path vulnerability in OpenTextâ„¢ Application Lifecycle Management (ALM),Quality Center allows Code Inclusion. The vulnerability allows a user to archive a malicious DLLs on the system prior to the installation. Â This issue affects Application Lifecycle Management (ALM),Quality Center: 15.00, 15.01, 15.01 P1, 15.01 P2, 15.01 P3, 15.01 P4, 15.01 P5, 15.51, 15.51 P1, 15.51 P2, 15.51 P3, 16.00, 16.01 P1. | ||||
| CVE-2024-8733 | 2024-10-04 | 8 High | ||
| A potential security vulnerability has been identified in the HP One Agent for certain HP PC products, which might allow for escalation of privilege. HP is releasing software updates to mitigate this potential vulnerability. | ||||
| CVE-2024-44103 | 1 Ivanti | 2 Automation, Workspace Control | 2024-09-18 | 8.8 High |
| DLL hijacking in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges. | ||||
| CVE-2024-45281 | 1 Sap | 1 Business Objects Business Intelligence Platform | 2024-09-16 | 5.8 Medium |
| SAP BusinessObjects Business Intelligence Platform allows a high privilege user to run client desktop applications even if some of the DLLs are not digitally signed or if the signature is broken. The attacker needs to have local access to the vulnerable system to perform DLL related tasks. This could result in a high impact on confidentiality and integrity of the application. | ||||
| CVE-2024-5622 | 2 B And R Industrial Automotion, Br-automation | 2 B And R Aprol, Industrial Automation Aprol | 2024-09-13 | 7.8 High |
| An untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL <= R 4.2.-07P3 and <= R 4.4-00P3 may allow an authenticated local attacker to execute arbitrary code with elevated privileges. | ||||
| CVE-2024-5623 | 1 Br-automation | 1 Industrial Automation Aprol | 2024-09-13 | 7.8 High |
| An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated local attacker to get other users to execute arbitrary code under their privileges. | ||||
| CVE-2024-6473 | 1 Yandex | 1 Yandex Browser | 2024-09-05 | 7.8 High |
| Yandex Browser for Desktop before 24.7.1.380 has a DLL Hijacking Vulnerability because an untrusted search path is used. | ||||
| CVE-2024-42439 | 1 Zoom | 2 Meeting Software Development Kit, Workplace Desktop | 2024-08-29 | 6.5 Medium |
| Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS before 6.1.0 may allow a privileged user to conduct an escalation of privilege via local access. | ||||
| CVE-2024-6975 | 1 Catonetworks | 2 Cato Client, Sdp Client | 2024-08-27 | 8.8 High |
| Cato Networks Windows SDP Client Local Privilege Escalation via openssl configuration file. This issue affects SDP Client before 5.10.34. | ||||
| CVE-2024-6974 | 1 Catonetworks | 2 Cato Client, Sdp Client | 2024-08-27 | 8.8 High |
| Cato Networks Windows SDP Client Local Privilege Escalation via self-upgradeThis issue affects SDP Client: before 5.10.34. | ||||