Search
Total
418 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-6788 | 1 Bosch | 1 Configuration Manager | 2021-03-25 | 6.9 MEDIUM | 7.8 HIGH |
| Loading a DLL through an Uncontrolled Search Path Element in the Bosch Configuration Manager installer up to and including version 7.21.0078 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from. | |||||
| CVE-2020-6786 | 1 Bosch | 1 Video Recording Manager | 2021-03-25 | 6.9 MEDIUM | 7.8 HIGH |
| Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Recording Manager installer up to and including version 3.82.0055 for 3.82, up to and including version 3.81.0064 for 3.81 and 3.71 and older potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from. | |||||
| CVE-2020-6787 | 1 Bosch | 1 Video Client | 2021-03-25 | 6.9 MEDIUM | 7.8 HIGH |
| Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Client installer up to and including version 1.7.6.079 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from. | |||||
| CVE-2020-6789 | 1 Bosch | 1 Monitor Wall | 2021-03-25 | 6.9 MEDIUM | 7.8 HIGH |
| Loading a DLL through an Uncontrolled Search Path Element in the Bosch Monitor Wall installer up to and including version 10.00.0164 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from. | |||||
| CVE-2021-20674 | 1 Ntt-tx | 1 Magicconnect | 2021-03-19 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Installer of MagicConnect Client program distributed before 2021 March 1 allows an attacker to gain privileges and via a Trojan horse DLL in an unspecified directory and to execute arbitrary code with the privilege of the user invoking the installer when a terminal is connected remotely using Remote desktop. | |||||
| CVE-2021-21518 | 1 Dell | 3 Supportassist Client Promanage, Supportassist For Business Pcs, Supportassist For Home Pcs | 2021-03-19 | 7.2 HIGH | 7.8 HIGH |
| Dell SupportAssist Client for Consumer PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x, Dell SupportAssist Client for Business PCs versions 2.0.x, 2.1.x, 2.2.x, and Dell SupportAssist Client ProManage 1.x contain a DLL injection vulnerability in the Costura Fody plugin. A local user with low privileges could potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with SYSTEM privileges. | |||||
| CVE-2020-28646 | 1 Owncloud | 1 Owncloud | 2021-03-04 | 4.4 MEDIUM | 7.8 HIGH |
| ownCloud owncloud/client before 2.7 allows DLL Injection. The desktop client loaded development plugins from certain directories when they were present. | |||||
| CVE-2020-24451 | 1 Intel | 1 Optane Dc Persistent Memory Module Management | 2021-02-23 | 4.4 MEDIUM | 7.3 HIGH |
| Uncontrolled search path in the Intel(R) Optane(TM) DC Persistent Memory installer for Windows* before version 1.00.00.3506 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-25247 | 2 Microsoft, Trendmicro | 2 Windows, Housecall For Home Networks | 2021-02-03 | 4.4 MEDIUM | 7.8 HIGH |
| A DLL hijacking vulnerability Trend Micro HouseCall for Home Networks version 5.3.1063 and below could allow an attacker to use a malicious DLL to escalate privileges and perform arbitrary code execution. An attacker must already have user privileges on the machine to exploit this vulnerability. | |||||
| CVE-2021-1280 | 1 Cisco | 2 Advanced Malware Protection For Endpoints, Immunet | 2021-01-28 | 6.9 MEDIUM | 7.3 HIGH |
| A vulnerability in the loading mechanism of specific DLLs of Cisco Advanced Malware Protection (AMP) for Endpoints for Windows and Immunet for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need valid credentials on the Windows system. This vulnerability is due to incorrect handling of directory search paths at run time. An attacker could exploit this vulnerability by placing a malicious DLL file on the targeted system. This file will execute when the vulnerable application launches. A successful exploit could allow the attacker to execute arbitrary code on the targeted system with SYSTEM privileges. | |||||
| CVE-2021-1240 | 1 Cisco | 1 Proximity | 2021-01-20 | 8.5 HIGH | 7.3 HIGH |
| A vulnerability in the loading process of specific DLLs in Cisco Proximity Desktop for Windows could allow an authenticated, local attacker to load a malicious library. To exploit this vulnerability, the attacker must have valid credentials on the Windows system. This vulnerability is due to incorrect handling of directory paths at run time. An attacker could exploit this vulnerability by placing a malicious DLL file in a specific location on the targeted system. This file will execute when the vulnerable application launches. A successful exploit could allow the attacker to execute arbitrary code on the targeted system with the privileges of another user’s account. | |||||
| CVE-2020-35483 | 1 Anydesk | 1 Anydesk | 2021-01-20 | 4.4 MEDIUM | 7.8 HIGH |
| AnyDesk before 6.1.0 on Windows, when run in portable mode on a system where the attacker has write access to the application directory, allows this attacker to compromise a local user account via a read-only setting for a Trojan horse gcapi.dll file. | |||||
| CVE-2021-1237 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2021-01-19 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in the Network Access Manager and Web Security Agent components of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL injection attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by inserting a configuration file in a specific path in the system which, in turn, causes a malicious DLL file to be loaded when the application starts. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. | |||||
| CVE-2021-21010 | 2 Adobe, Microsoft | 2 Incopy, Windows | 2021-01-19 | 5.1 MEDIUM | 7.0 HIGH |
| InCopy version 15.1.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-21011 | 2 Adobe, Microsoft | 2 Captivate, Windows | 2021-01-19 | 5.1 MEDIUM | 7.0 HIGH |
| Adobe Captivate 2019 version 11.5.1.499 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. An attacker with permissions to write to the file system could leverage this vulnerability to escalate privileges. | |||||
| CVE-2021-21008 | 2 Adobe, Microsoft | 2 Animate, Windows | 2021-01-19 | 6.8 MEDIUM | 7.0 HIGH |
| Adobe Animate version 21.0 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-21007 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2021-01-19 | 6.8 MEDIUM | 7.0 HIGH |
| Adobe Illustrator version 25.0 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2019-1855 | 1 Cisco | 1 Jabber | 2021-01-04 | 9.3 HIGH | 7.3 HIGH |
| A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Jabber for Windows could allow an authenticated, local attacker to perform a DLL preloading attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of the resources loaded by the application at run time. An attacker could exploit this vulnerability by crafting a malicious DLL file and placing it in a specific location on the targeted system. The malicious DLL file would execute when the Jabber application launches. A successful exploit could allow the attacker to execute arbitrary code on the target machine with the privileges of another user's account. | |||||
| CVE-2020-5681 | 1 Epson | 2 Epsonnet Setupmanager, Offirio Synergyware Printdirector | 2020-12-30 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in self-extracting files created by EpsonNet SetupManager versions 2.2.14 and earlier, and Offirio SynergyWare PrintDirector versions 1.6x/1.6y and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2020-2049 | 2 Microsoft, Paloaltonetworks | 2 Windows, Cortex Xdr Agent | 2020-12-16 | 7.2 HIGH | 7.8 HIGH |
| A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that allows an authenticated local Windows user to execute programs with SYSTEM privileges. This requires the user to have the privilege to create files in the Windows root directory. This issue impacts: All versions of Cortex XDR Agent 7.1 with content update 149 and earlier versions; All versions of Cortex XDR Agent 7.2 with content update 149 and earlier versions. | |||||
| CVE-2020-27348 | 1 Canonical | 2 Snapcraft, Ubuntu Linux | 2020-12-14 | 4.4 MEDIUM | 6.8 MEDIUM |
| In some conditions, a snap package built by snapcraft includes the current directory in LD_LIBRARY_PATH, allowing a malicious snap to gain code execution within the context of another snap if both plug the home interface or similar. This issue affects snapcraft versions prior to 4.4.4, prior to 2.43.1+16.04.1, and prior to 2.43.1+18.04.1. | |||||
| CVE-2020-29654 | 1 Westerndigital | 1 Dashboard | 2020-12-14 | 6.9 MEDIUM | 7.8 HIGH |
| Western Digital Dashboard before 3.2.2.9 allows DLL Hijacking that leads to compromise of the SYSTEM account. | |||||
| CVE-2020-24440 | 2 Adobe, Microsoft | 2 Prelude, Windows | 2020-12-11 | 3.7 LOW | 7.0 HIGH |
| Adobe Prelude version 9.0.1 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-24447 | 2 Adobe, Microsoft | 2 Lightroom, Windows | 2020-12-11 | 3.7 LOW | 7.0 HIGH |
| Adobe Lightroom Classic version 10.0 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-28950 | 1 Kaspersky | 1 Anti-ransomware Tool | 2020-12-08 | 6.9 MEDIUM | 7.8 HIGH |
| The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during installation process. | |||||
| CVE-2020-25738 | 1 Cyberark | 1 Endpoint Privilege Manager | 2020-12-04 | 1.9 LOW | 5.5 MEDIUM |
| CyberArk Endpoint Privilege Manager (EPM) 11.1.0.173 allows attackers to bypass a Credential Theft protection mechanism by injecting a DLL into a process that normally has credential access, such as a Chrome process that reads credentials from a SQLite database. | |||||
| CVE-2020-12320 | 1 Intel | 1 Scs Add-on For Microsoft Sccm | 2020-11-30 | 4.6 MEDIUM | 7.8 HIGH |
| Uncontrolled search path in Intel(R) SCS Add-on for Microsoft* SCCM before version 2.1.10 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-12329 | 1 Intel | 1 Vtune Profiler | 2020-11-30 | 4.6 MEDIUM | 7.8 HIGH |
| Uncontrolled search path in the Intel(R) VTune(TM) Profiler before version 2020 Update 1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-13771 | 1 Ivanti | 1 Endpoint Manager | 2020-11-24 | 6.9 MEDIUM | 7.8 HIGH |
| Various components in Ivanti Endpoint Manager through 2020.1.1 rely on Windows search order when loading a (nonexistent) library file, allowing (under certain conditions) one to gain code execution (and elevation of privileges to the level of privilege held by the vulnerable component such as NT AUTHORITY\SYSTEM) via DLL hijacking. This affects ldiscn32.exe, IpmiRedirectionService.exe, LDAPWhoAmI.exe, and ldprofile.exe. | |||||
| CVE-2020-5992 | 2 Microsoft, Nvidia | 2 Windows, Geforce Now | 2020-11-23 | 4.4 MEDIUM | 7.8 HIGH |
| NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to binary planting attacks by a local user, which may lead to code execution or escalation of privileges. | |||||
| CVE-2020-25174 | 1 Bbraun | 1 Onlinesuite Application Package | 2020-11-13 | 6.9 MEDIUM | 7.8 HIGH |
| A DLL hijacking vulnerability in the B. Braun OnlineSuite Version AP 3.0 and earlier allows local attackers to execute code on the system as a high privileged user. | |||||
| CVE-2020-24422 | 1 Adobe | 1 Creative Cloud | 2020-11-02 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Creative Cloud Desktop Application version 5.2 (and earlier) and 2.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-5145 | 1 Sonicwall | 1 Global Vpn Client | 2020-10-30 | 6.9 MEDIUM | 8.6 HIGH |
| SonicWall Global VPN client version 4.10.4.0314 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to remote code execution in the target system. | |||||
| CVE-2019-19115 | 1 Nahimic | 1 Apo Software Component | 2020-10-29 | 6.9 MEDIUM | 7.8 HIGH |
| An escalation of privilege vulnerability in Nahimic APO Software Component Driver 1.4.2, 1.5.0, 1.5.1, 1.6.1 and 1.6.2 allows an attacker to execute code with SYSTEM privileges. | |||||
| CVE-2020-24419 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2020-10-29 | 6.9 MEDIUM | 7.8 HIGH |
| Adobe After Effects version 17.1.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-24423 | 2 Adobe, Microsoft | 2 Media Encoder, Windows | 2020-10-29 | 6.9 MEDIUM | 7.8 HIGH |
| Adobe Media Encoder version 14.4 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-24420 | 2 Adobe, Microsoft | 2 Photoshop, Windows | 2020-10-29 | 6.9 MEDIUM | 7.8 HIGH |
| Adobe Photoshop for Windows version 21.2.1 (and earlier) is affected by an uncontrolled search path element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-8345 | 1 Lenovo | 1 Hardware Scan | 2020-10-26 | 4.4 MEDIUM | 7.8 HIGH |
| A DLL search path vulnerability was reported in the Lenovo HardwareScan Plugin for the Lenovo Vantage hardware scan feature prior to version 1.0.46.11 that could allow escalation of privilege. | |||||
| CVE-2020-3535 | 1 Cisco | 1 Webex Teams | 2020-10-23 | 7.2 HIGH | 8.4 HIGH |
| A vulnerability in the loading mechanism of specific DLLs in the Cisco Webex Teams client for Windows could allow an authenticated, local attacker to load a malicious library. To exploit this vulnerability, the attacker needs valid credentials on the Windows system. The vulnerability is due to incorrect handling of directory paths at run time. An attacker could exploit this vulnerability by placing a malicious DLL file in a specific location on the targeted system. This file will execute when the vulnerable application launches. A successful exploit could allow the attacker to execute arbitrary code on the targeted system with the privileges of another user’s account. | |||||
| CVE-2019-3613 | 1 Mcafee | 1 Agent | 2020-10-19 | 4.4 MEDIUM | 7.3 HIGH |
| DLL Search Order Hijacking vulnerability in McAfee Agent (MA) prior to 5.6.4 allows attackers with local access to execute arbitrary code via execution from a compromised folder. | |||||
| CVE-2019-5629 | 1 Rapid7 | 1 Insight Agent | 2020-10-16 | 7.2 HIGH | 7.8 HIGH |
| Rapid7 Insight Agent, version 2.6.3 and prior, suffers from a local privilege escalation due to an uncontrolled DLL search path. Specifically, when Insight Agent 2.6.3 and prior starts, the Python interpreter attempts to load python3.dll at "C:\DLLs\python3.dll," which normally is writable by locally authenticated users. Because of this, a malicious local user could use Insight Agent's startup conditions to elevate to SYSTEM privileges. This issue was fixed in Rapid7 Insight Agent 2.6.4. | |||||
| CVE-2020-6654 | 1 Eaton | 1 9000x Programming And Configuration Software | 2020-10-16 | 4.4 MEDIUM | 7.8 HIGH |
| A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL. | |||||
| CVE-2019-18575 | 1 Dell | 1 Command\|configure | 2020-10-16 | 6.6 MEDIUM | 7.1 HIGH |
| Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the attacker to overwrite or corrupt a specified file on the system. | |||||
| CVE-2020-3433 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2020-09-30 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. | |||||
| CVE-2020-7358 | 1 Rapid7 | 1 Appspider | 2020-09-28 | 4.4 MEDIUM | 6.5 MEDIUM |
| In AppSpider installer versions prior to 7.2.126, the AppSpider installer calls an executable which can be placed in the appropriate directory by an attacker with access to the local machine. This would prevent the installer from distinguishing between a valid executable called during an installation and any arbitrary code executable using the same file name. | |||||
| CVE-2020-14349 | 2 Opensuse, Postgresql | 2 Leap, Postgresql | 2020-09-18 | 4.6 MEDIUM | 7.1 HIGH |
| It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the user used for replication. | |||||
| CVE-2020-7312 | 1 Mcafee | 1 Mcafee Agent | 2020-09-15 | 4.6 MEDIUM | 7.8 HIGH |
| DLL Search Order Hijacking Vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder. | |||||
| CVE-2020-25045 | 1 Kaspersky | 2 Security Center, Security Center Web Console | 2020-09-11 | 4.4 MEDIUM | 7.8 HIGH |
| Installers of Kaspersky Security Center and Kaspersky Security Center Web Console prior to 12 & prior to 12 Patch A were vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges in the system. | |||||
| CVE-2020-5419 | 1 Pivotal Software | 1 Rabbitmq | 2020-09-10 | 4.6 MEDIUM | 6.7 MEDIUM |
| RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. An attacker with write privileges to the RabbitMQ installation directory and local access on Windows could carry out a local binary hijacking (planting) attack and execute arbitrary code. | |||||
| CVE-2020-24162 | 1 Tencent | 1 Tencent | 2020-09-10 | 4.4 MEDIUM | 7.8 HIGH |
| The Shenzhen Tencent app 5.8.2.5300 for PC platforms (from Tencent App Center) has a DLL hijacking vulnerability. Attackers can use this vulnerability to execute malicious code. | |||||