Total
492 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-0592 | 1 Microsoft | 1 Onedrive | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0580 | 1 Celsys | 3 Clip Studio Action, Clip Studio Modeler, Clip Studio Paint | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in CELSYS, Inc CLIP STUDIO series (CLIP STUDIO PAINT (for Windows) EX/PRO/DEBUT Ver.1.7.3 and earlier, CLIP STUDIO ACTION (for Windows) Ver.1.5.5 and earlier, with its timestamp prior to April 25, 2018, 12:11:31, and CLIP STUDIO MODELER (for Windows) Ver.1.6.3 and earlier, with its timestamp prior to April 25, 2018, 17:02:49) allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0563 | 1 Ntt-east | 2 Flet\'s Virus Clear Easy Setup \& Application Tool, Flet\'s Virus Clear V6 Easy Setup \& Application Tool | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.13.0 and earlier versions and FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.13.0 and earlier versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0562 | 1 Coderium | 1 Soundengine | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Installer of SoundEngine Free ver.5.21 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0561 | 1 Securebrain | 1 Phishwall | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in The installer of PhishWall Client Internet Explorer edition Ver. 3.7.15 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0552 | 1 Securebrain | 1 Phishwall Client | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in The installer of PhishWall Client Firefox and Chrome edition for Windows Ver. 5.1.26 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0544 | 1 Woodybells | 1 Winshot | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in WinShot 1.53a and earlier (Installer) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0543 | 1 Woodybells | 1 Jtrim | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Jtrim 1.53c and earlier (Installer) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0540 | 1 Vix Project | 1 Vix | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in ViX version 2.21.148.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0517 | 1 Kddi | 1 Anshin Net Security | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Anshin net security for Windows Version 16.0.1.44 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0516 | 1 Flets | 1 Address Selection Tool | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in FLET'S v4 / v6 address selection tool allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0515 | 1 Flets | 1 Azukeru Backup Tool | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in "FLET'S Azukeru Backup Tool" version 1.5.2.6 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0507 | 1 Ntt-east | 2 Flet\'s Virus Clear Easy Setup \& Application Tool, Flet\'s Virus Clear V6 Easy Setup \& Application Tool | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.11 and earlier versions, FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.11 and earlier versions allow an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-8137 | 1 Huawei | 1 Hedex Lite | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path. An attacker could exploit this vulnerability to tamper with the DLL file, leading to DLL hijacking. | |||||
| CVE-2017-7755 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| The Firefox installer on Windows can be made to load malicious DLL files stored in the same directory as the installer when it is run. This allows privileged execution if the installer is run with elevated privileges. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. | |||||
| CVE-2017-7642 | 1 Hashicorp | 1 Vagrant Vmware Fusion | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.21 allows local users to gain root privileges by leveraging failure to verify the path to the encoded ruby script or scrub the PATH variable. | |||||
| CVE-2017-7327 | 1 Yandex | 1 Yandex Browser | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Yandex Browser installer for Desktop before 17.4.1 has a DLL Hijacking Vulnerability because an untrusted search path is used for dnsapi.dll, winmm.dll, ntmarta.dll, cryptbase.dll or profapi.dll. | |||||
| CVE-2017-6798 | 1 Trendmicro | 1 Endpoint Sensor | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208. | |||||
| CVE-2017-6768 | 1 Cisco | 1 Application Policy Infrastructure Controller | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local attacker to gain root-level privileges. The vulnerability is due to a custom executable system file that was built to use relative search paths for libraries without properly validating the library to be loaded. An attacker could exploit this vulnerability by authenticating to the device and loading a malicious library that can escalate the privilege level. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device. The attacker must have valid user credentials to log in to the device. Cisco Bug IDs: CSCvc96087. Known Affected Releases: 1.1(0.920a), 1.1(1j), 1.1(3f); 1.2 Base, 1.2(2), 1.2(3), 1.2.2; 1.3(1), 1.3(2), 1.3(2f); 2.0 Base, 2.0(1). | |||||
| CVE-2017-6189 | 1 Amazon | 1 Kindle For Pc | 2024-11-21 | 4.4 MEDIUM | 7.3 HIGH |
| Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer. | |||||