Total: 492 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-12576 | 2 Apple, Londontrustmedia | 2 Macos, Private Internet Access Vpn Client | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for macOS could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The openvpn_launcher binary is setuid root. This program is called during the connection process and executes several operating system utilities to configure the system. The networksetup utility is called using relative paths. A local unprivileged user can execute arbitrary commands as root by creating a networksetup trojan which will be executed during the connection process. This is possible because the PATH environment variable is not reset prior to executing the OS utility. | |||||
CVE-2019-12574 | 2 Londontrustmedia, Microsoft | 2 Private Internet Access Vpn Client, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v1.0 for Windows could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The PIA client is vulnerable to a DLL injection vulnerability during the software update process. The updater loads several libraries from a folder that authenticated users have write access to. A low privileged user can leverage this vulnerability to execute arbitrary code as SYSTEM. | |||||
CVE-2019-12569 | 1 Rakuten | 1 Viber | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
A vulnerability in Viber before 10.7.0 for Desktop (Windows) could allow an attacker to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI. An attacker could exploit this vulnerability by convincing a targeted user to follow a malicious link. Successful exploitation could cause the application to load libraries from the directory targeted by the URI link. The attacker could use this behavior to execute arbitrary commands on the system with the privileges of the targeted user, if the attacker can place a crafted library in a directory that is accessible to the vulnerable system. | |||||
CVE-2019-11660 | 1 Microfocus | 1 Data Protector | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges. | |||||
CVE-2019-11351 | 1 Teamspeak | 1 Teamspeak | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
TeamSpeak 3 Client before 3.2.5 allows remote code execution in the Qt framework. | |||||
CVE-2019-10971 | 1 Omron | 1 Network Configurator For Devicenet Safety | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
The application (Network Configurator for DeviceNet Safety 3.41 and prior) searches for resources by means of an untrusted search path that could execute a malicious .dll file not under the application's direct control and outside the intended directories. | |||||
CVE-2019-1010100 | 1 Akeo | 1 Rufus | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
Akeo Consulting Rufus 3.0 and earlier is affected by: DLL search order hijacking. The impact is: Arbitrary code execution WITH escalation of privilege. The component is: Executable installers, portable executables (ALL executables on the web site). The attack vector is: CAPEC-471, CWE-426, CWE-427. | |||||
CVE-2019-0809 | 1 Microsoft | 1 Visual Studio 2017 | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
A remote code execution vulnerability exists when the Visual Studio C++ Redistributable Installer improperly validates input before loading dynamic link library (DLL) files, aka 'Visual Studio Remote Code Execution Vulnerability'. | |||||
CVE-2018-7884 | 1 Displaylink | 1 Core Software Cleaner | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
An issue was discovered in DisplayLink Core Software Cleaner Application 8.2.1956. When the drivers are updated to a newer version, the product launches a process as SYSTEM to uninstall the old version: cl_1956.exe is run as SYSTEM on the %systemroot%\Temp folder, where any user can write a DLL (e.g., version.dll) to perform DLL Hijacking and elevate privileges to SYSTEM. | |||||
CVE-2018-7484 | 1 Purevpn | 1 Purevpn | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
An issue was discovered in PureVPN through 5.19.4.0 on Windows. The client installation grants the Everyone group Full Control permission to the installation directory. In addition, the PureVPNService.exe service, which runs under NT Authority\SYSTEM privileges, tries to load several dynamic-link libraries using relative paths instead of the absolute path. When not using a fully qualified path, the application will first try to load the library from the directory from which the application is started. As the residing directory of PureVPNService.exe is writable to all users, this makes the application susceptible to privilege escalation through DLL hijacking. | |||||
CVE-2018-7365 | 1 Zte | 2 Usmartview, Zxcloud Irai | 2024-11-21 | 6.5 MEDIUM | 5.1 MEDIUM |
All versions up to ZXCLOUD iRAI V5.01.05 of the ZTE uSmartView product are impacted by untrusted search path vulnerability, which may allow an unauthorized user to perform unauthorized operations. | |||||
CVE-2018-7239 | 1 Schneider-electric | 13 Atv12 Dtm, Atv212 Dtm, Atv312 Dtm and 10 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
A DLL hijacking vulnerability exists in Schneider Electric's SoMove Software and associated DTM software components in all versions prior to 2.6.2 which could allow an attacker to execute arbitrary code. | |||||
CVE-2018-6700 | 1 Mcafee | 1 True Key | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key (TK) before 5.1.165 allows local users to execute arbitrary code via specially crafted malware. | |||||
CVE-2018-6661 | 2 Mcafee, Microsoft | 2 True Key, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee True Key before 4.20.110 allows local users to gain privilege elevation via not verifying a particular DLL file signature. | |||||
CVE-2018-6514 | 2 Microsoft, Puppet | 2 Windows, Puppet | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, Puppet Agent 5.5.x prior to 5.5.2, Facter on Windows is vulnerable to a DLL preloading attack, which could lead to a privilege escalation. | |||||
CVE-2018-6513 | 1 Puppet | 2 Puppet, Puppet Enterprise | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
Puppet Enterprise 2016.4.x prior to 2016.4.12, Puppet Enterprise 2017.3.x prior to 2017.3.7, Puppet Enterprise 2018.1.x prior to 2018.1.1, Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2, were vulnerable to an attack where an unprivileged user on Windows agents could write custom facts that can escalate privileges on the next puppet run. This was possible through the loading of shared libraries from untrusted paths. | |||||
CVE-2018-6475 | 1 Superantispyware | 1 Superantispyware | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
In SUPERAntiSpyware Professional Trial 6.0.1254, SUPERAntiSpyware.exe allows DLL hijacking, leading to Escalation of Privileges. | |||||
CVE-2018-6461 | 2 March-hare, Microsoft | 2 Wincvs, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
March Hare WINCVS before 2.8.01 build 6610, and CVS Suite before 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local users to gain privileges via a Trojan horse Python or TCL DLL file in the current working directory. | |||||
CVE-2018-6318 | 1 Sophos | 1 Sophos Tester | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
In Sophos Tester Tool 3.2.0.7 Beta, the driver loads (in the context of the application used to test an exploit or ransomware) the DLL using a payload that runs from NTDLL.DLL (so, it's run in userland), but the driver doesn't perform any validation of this DLL (not its signature, not its hash, etc.). A person can change this DLL in a local way, or with a remote connection, to a malicious DLL with the same name -- and when the product is used, this malicious DLL will be loaded, aka a DLL Hijacking attack. | |||||
CVE-2018-6306 | 1 Kaspersky | 1 Password Manager | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
Unauthorized code execution from specific DLL and is known as DLL Hijacking attack in Kaspersky Password Manager versions before 8.0.6.538. |