Search
Total
429 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-1458 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2019-10-09 | 6.8 MEDIUM | 7.8 HIGH |
| IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10,1, 10.5 and 11.1 could allow a local user to execute arbitrary code and conduct DLL hijacking attacks. IBM X-Force ID: 140209. | |||||
| CVE-2018-1437 | 1 Ibm | 1 Notes | 2019-10-09 | 9.3 HIGH | 7.8 HIGH |
| IBM Notes 8.5 and 9.0 could allow an attacker to execute arbitrary code on the system, caused by an error related to multiple untrusted search path. A local attacker could exploit this vulnerability to DLL hijacking to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 139565. | |||||
| CVE-2018-1435 | 1 Ibm | 1 Notes | 2019-10-09 | 6.8 MEDIUM | 7.8 HIGH |
| IBM Notes 8.5 and 9.0 is vulnerable to a DLL hijacking attack. A remote attacker could trick a user to double click a malicious executable in an attacker-controlled directory, which could result in code execution. IBM X-Force ID: 139563. | |||||
| CVE-2018-12449 | 1 Navercorp | 1 Whale | 2019-10-09 | 6.8 MEDIUM | 7.8 HIGH |
| The Whale browser installer 0.4.3.0 and earlier versions allows DLL hijacking. | |||||
| CVE-2017-12313 | 1 Cisco | 1 Packet Tracer | 2019-10-09 | 7.2 HIGH | 6.7 MEDIUM |
| An untrusted search path (aka DLL Preload) vulnerability in the Cisco Network Academy Packet Tracer software could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes the installer in the current working directory where a crafted DLL has been placed by an attacker. The vulnerability is due to incomplete input validation of path and file names of a DLL file before it is loaded. An attacker could exploit this vulnerability by creating a malicious DLL file and installing it in a specific system directory. A successful exploit could allow the attacker to execute commands on the underlying Microsoft Windows host with privileges equivalent to the SYSTEM account. An attacker would need valid user credentials to exploit this vulnerability. | |||||
| CVE-2017-12312 | 1 Cisco | 1 Advanced Malware Protection For Endpoints | 2019-10-09 | 7.2 HIGH | 6.7 MEDIUM |
| An untrusted search path (aka DLL Preloading) vulnerability in the Cisco Immunet antimalware installer could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes the installer in the current working directory where a crafted DLL has been placed by an attacker. The vulnerability is due to incomplete input validation of path and file names of a DLL file before it is loaded. An attacker could exploit this vulnerability by creating a malicious DLL file and installing it in a specific system directory. A successful exploit could allow the attacker to execute commands on the underlying Microsoft Windows host with privileges equivalent to the SYSTEM account. An attacker would need valid user credentials to exploit this vulnerability. Cisco Bug IDs: CSCvf23928. | |||||
| CVE-2017-12252 | 1 Cisco | 1 Findit Network Discovery Utility | 2019-10-09 | 4.6 MEDIUM | 7.8 HIGH |
| A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to device availability, confidentiality, and integrity. The vulnerability is due to the application loading a malicious copy of a specific, nondefined DLL file instead of the DLL file it was expecting. An attacker could exploit this vulnerability by placing an affected DLL within the search path of the host system. An exploit could allow the attacker to load a malicious DLL file into the system, thus partially compromising confidentiality, integrity, and availability on the device. Cisco Bug IDs: CSCve89785. | |||||
| CVE-2017-11159 | 2 Microsoft, Synology | 2 Windows, Photo Station Uploader | 2019-10-09 | 4.6 MEDIUM | 7.8 HIGH |
| Multiple untrusted search path vulnerabilities in installer in Synology Photo Station Uploader before 1.4.2-084 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory. | |||||
| CVE-2017-11158 | 2 Microsoft, Synology | 2 Windows, Cloud Station Drive | 2019-10-09 | 4.6 MEDIUM | 7.8 HIGH |
| Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory. | |||||
| CVE-2019-14960 | 1 Jetbrains | 1 Rider | 2019-10-08 | 4.6 MEDIUM | 7.8 HIGH |
| JetBrains Rider before 2019.1.2 was using an unsigned JetBrains.Rider.Unity.Editor.Plugin.Repacked.dll file. | |||||
| CVE-2017-2209 | 1 Santeikohyo | 1 Installer Of Houkokusyo Sakusei Shien Tool | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of Houkokusyo Sakusei Shien Tool ver3.0.2 (For the first installation) (The version which was available on the website from 2017 April 4 to 2017 May 18) and ver2.0 and later (For the first installation) (The versions which were available on the website prior to 2017 April 4) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-7642 | 1 Hashicorp | 1 Vagrant Vmware Fusion | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.21 allows local users to gain root privileges by leveraging failure to verify the path to the encoded ruby script or scrub the PATH variable. | |||||
| CVE-2017-6768 | 1 Cisco | 1 Application Policy Infrastructure Controller | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local attacker to gain root-level privileges. The vulnerability is due to a custom executable system file that was built to use relative search paths for libraries without properly validating the library to be loaded. An attacker could exploit this vulnerability by authenticating to the device and loading a malicious library that can escalate the privilege level. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device. The attacker must have valid user credentials to log in to the device. Cisco Bug IDs: CSCvc96087. Known Affected Releases: 1.1(0.920a), 1.1(1j), 1.1(3f); 1.2 Base, 1.2(2), 1.2(3), 1.2.2; 1.3(1), 1.3(2), 1.3(2f); 2.0 Base, 2.0(1). | |||||
| CVE-2017-2149 | 1 Toshiba | 1 Flashair | 2019-10-03 | 9.3 HIGH | 8.8 HIGH |
| Untrusted search path vulnerability in installers of the software for SDHC/SDXC Memory Card with embedded NFC functionality Software Update Tool V1.00.03 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Configuration Software V3.0.2 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WE series<W-03>) V3.00.01, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WD/WC series<W-02>) V2.00.03 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WB/WL series) V1.00.04 and earlier, SDHC Memory Card with embedded TransferJet functionality Configuration Software V1.02 and earlier, SDHC Memory Card with embedded TransferJet functionality Software Update tool V1.00.06 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-15566 | 1 Schedmd | 1 Slurm | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution. | |||||
| CVE-2018-18913 | 2 Microsoft, Opera | 2 Windows 7, Opera Browser | 2019-09-27 | 6.9 MEDIUM | 7.8 HIGH |
| Opera before 57.0.3098.106 is vulnerable to a DLL Search Order hijacking attack where an attacker can send a ZIP archive composed of an HTML page along with a malicious DLL to the target. Once the document is opened, it may allow the attacker to take full control of the system from any location within the system. The issue lies in the loading of the shcore.dll and dcomp.dll files: these files are being searched for by the program in the same system-wide directory where the HTML file is executed. | |||||
| CVE-2019-13357 | 1 Totaldefense | 1 Anti-virus | 2019-09-24 | 4.6 MEDIUM | 7.8 HIGH |
| In Total Defense Anti-virus 9.0.0.773, resource acquisition from the untrusted search path C:\ used by caschelp.exe allows local attackers to hijack ccGUIFrm.dll, which leads to code execution. SYSTEM-level code execution can be achieved when the ccSchedulerSVC service runs the affected executable. | |||||
| CVE-2019-15295 | 1 Bitdefender | 1 Antivirus 2020 | 2019-08-28 | 9.3 HIGH | 7.8 HIGH |
| An Untrusted Search Path vulnerability in the ServiceInstance.dll library versions 1.0.15.119 and lower, as used in Bitdefender Antivirus Free 2020 versions prior to 1.0.15.138, allows an attacker to load an arbitrary DLL file from the search path. | |||||
| CVE-2016-10837 | 1 Cpanel | 1 Cpanel | 2019-08-08 | 8.5 HIGH | 7.5 HIGH |
| cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46). | |||||
| CVE-2019-12912 | 1 Rdbrck | 1 Shift | 2019-07-19 | 2.1 LOW | 5.5 MEDIUM |
| Redbrick Shift through 3.4.3 allows an attacker to extract emails of services (such as Gmail, Outlook, etc.) used in the application. | |||||
| CVE-2019-12574 | 2 Londontrustmedia, Microsoft | 2 Private Internet Access Vpn Client, Windows | 2019-07-16 | 9.3 HIGH | 7.8 HIGH |
| A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v1.0 for Windows could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The PIA client is vulnerable to a DLL injection vulnerability during the software update process. The updater loads several libraries from a folder that authenticated users have write access to. A low privileged user can leverage this vulnerability to execute arbitrary code as SYSTEM. | |||||
| CVE-2018-18519 | 1 Bestxsoftware | 1 Best Free Keylogger | 2019-06-21 | 6.8 MEDIUM | 7.8 HIGH |
| BestXsoftware Best Free Keylogger before 6.0.0 allows local users to gain privileges via a Trojan horse "%PROGRAMFILES%\BFK 5.2.9\syscrb.exe" file because of insecure permissions for the BUILTIN\Users group. | |||||
| CVE-2019-5589 | 1 Fortinet | 1 Forticlient | 2019-05-29 | 9.3 HIGH | 7.8 HIGH |
| An Unsafe Search Path vulnerability in FortiClient Online Installer (Windows version before 6.0.6) may allow an unauthenticated, remote attacker with control over the directory in which FortiClientOnlineInstaller.exe resides to execute arbitrary code on the system via uploading malicious .dll files in that directory. | |||||
| CVE-2019-5957 | 1 Soumu | 1 Electronic Reception And Examination Of Application For Radio Licenses | 2019-05-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Installer of Electronic reception and examination of application for radio licenses Online 1.0.9.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2019-5958 | 1 Soumu | 1 Electronic Reception And Examination Of Application For Radio Licenses | 2019-05-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Electronic reception and examination of application for radio licenses Offline 1.0.9.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2016-0014 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8 and 6 more | 2019-05-16 | 7.2 HIGH | 7.8 HIGH |
| Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Elevation of Privilege Vulnerability." | |||||
| CVE-2016-0018 | 1 Microsoft | 5 Windows 10, Windows 7, Windows 8 and 2 more | 2019-05-15 | 6.9 MEDIUM | 7.3 HIGH |
| Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability." | |||||
| CVE-2016-0016 | 1 Microsoft | 9 Windows 10, Windows 7, Windows 8 and 6 more | 2019-05-15 | 7.2 HIGH | 7.8 HIGH |
| Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability." | |||||
| CVE-2015-0096 | 1 Microsoft | 9 Windows 7, Windows 8, Windows 8.1 and 6 more | 2019-05-14 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, leading to DLL loading during Windows Explorer access to the icon of a crafted shortcut, aka "DLL Planting Remote Code Execution Vulnerability." | |||||
| CVE-2018-18367 | 1 Symantec | 1 Endpoint Protection Manager | 2019-05-03 | 6.8 MEDIUM | 7.8 HIGH |
| Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. | |||||
| CVE-2018-18369 | 1 Symantec | 4 Endpoint Protection, Endpoint Protection Cloud, Endpoint Protection Cloud Agent and 1 more | 2019-05-02 | 6.8 MEDIUM | 7.8 HIGH |
| Norton Security (Windows client) prior to 22.16.3 and SEP SBE (Windows client) prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. | |||||
| CVE-2019-8453 | 1 Checkpoint | 1 Zonealarm | 2019-04-23 | 2.1 LOW | 5.5 MEDIUM |
| Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. This can allow a local attacker to replace a DLL file with a malicious one and cause Denial of Service to the client. | |||||
| CVE-2018-19486 | 3 Canonical, Git-scm, Linux | 3 Ubuntu Linux, Git, Linux Kernel | 2019-04-11 | 7.5 HIGH | 9.8 CRITICAL |
| Git before 2.19.2 on Linux and UNIX executes commands from the current working directory (as if '.' were at the end of $PATH) in certain cases involving the run_command() API and run-command.c, because there was a dangerous change from execvp to execv during 2017. | |||||
| CVE-2019-0809 | 1 Microsoft | 1 Visual Studio 2017 | 2019-04-10 | 6.8 MEDIUM | 7.8 HIGH |
| A remote code execution vulnerability exists when the Visual Studio C++ Redistributable Installer improperly validates input before loading dynamic link library (DLL) files, aka 'Visual Studio Remote Code Execution Vulnerability'. | |||||
| CVE-2019-5922 | 1 Microsoft | 1 Teams | 2019-03-13 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in The installer of Microsoft Teams allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2019-5921 | 1 Microsoft | 1 Windows 7 | 2019-03-13 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Windows 7 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-16190 | 2 Micco, Microsoft | 5 Lhmelting, Lmlzh32.dll, Unarj32.dll and 2 more | 2019-02-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in UNARJ32.DLL for Win32, LHMelting for Win32, and LMLzh32.DLL (UNARJ32.DLL for Win32 Ver 1.10.1.25 and earlier, LHMelting for Win32 Ver 1.65.3.6 and earlier, LMLzh32.DLL Ver 2.67.1.2 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2019-5912 | 2 Micco, Microsoft | 2 Unarj32.dll, Windows | 2019-02-19 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of UNARJ32.DLL (UNARJ32.DLL for Win32 Ver 1.10.1.25 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-16189 | 2 Micco, Microsoft | 2 Unlha32.dll, Windows | 2019-02-19 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Self-Extracting Archives created by UNLHA32.DLL prior to Ver 3.00 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2019-5911 | 2 Micco, Microsoft | 2 Unlha32.dll, Windows | 2019-02-19 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of UNLHA32.DLL (UNLHA32.DLL for Win32 Ver 2.67.1.2 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2019-5913 | 2 Micco, Microsoft | 2 Lhmelting, Windows | 2019-02-19 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of LHMelting (LHMelting for Win32 Ver 1.65.3.6 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-18364 | 1 Symantec | 1 Ghost Solution Suite | 2019-02-13 | 6.0 MEDIUM | 7.3 HIGH |
| Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine. This occurs via placement of a potentially foreign file (DLL) that the attacker then attempts to run via a linked application. | |||||
| CVE-2015-3987 | 1 Mcafee | 1 Epo Deep Command | 2019-02-11 | 7.2 HIGH | N/A |
| Multiple unquoted Windows search path vulnerabilities in the (1) Client Management and (2) Gateway in McAfee ePO Deep Command 2.1 and 2.2 before HF 1058831 allow local users to gain privileges via unspecified vectors. | |||||
| CVE-2018-18629 | 1 Keybase | 1 Keybase | 2019-02-04 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary. | |||||
| CVE-2018-16176 | 1 Jaea | 1 Mapping Tool | 2019-01-30 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Installer of Mapping Tool 2.0.1.6 and 2.0.1.7 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-15983 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Mac Os X, Chrome Os and 4 more | 2019-01-28 | 6.8 MEDIUM | 7.8 HIGH |
| Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. | |||||
| CVE-2018-16182 | 1 Rakuten-sec | 1 Market Speed | 2019-01-23 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of MARKET SPEED Ver.16.4 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-17980 | 1 Nomachine | 1 Nomachine | 2019-01-22 | 6.8 MEDIUM | 7.8 HIGH |
| NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where the .nxs file and the DLL are in the current working directory, and the Trojan horse code is executed. (The directory could, in general, be on a local filesystem or a network share.). | |||||
| CVE-2018-0667 | 1 Mnc | 2 Inplc-rt Sdk Express, Inplc Sdk Pro\+ | 2019-01-22 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Installer of INplc SDK Express 3.08 and earlier and Installer of INplc SDK Pro+ 3.08 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-12245 | 1 Symantec | 1 Endpoint Protection | 2018-12-28 | 6.8 MEDIUM | 7.8 HIGH |
| Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. Note that this particular type of exploit only manifests at install time; no remediation is required for software that has already been installed. This issue only impacted the Trialware media for Symantec Endpoint Protection, which has since been updated. | |||||