Total
755 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-28140 | 1 Qualys | 1 Cloud Agent | 2024-02-28 | N/A | 7.0 HIGH |
An Executable Hijacking condition exists in the Qualys Cloud Agent for Windows platform in versions before 4.5.3.1. Attackers may load a malicious copy of a Dependency Link Library (DLL) via a local attack vector instead of the DLL that the application was expecting, when processes are running with escalated privileges. This vulnerability is bounded only to the time of uninstallation and can only be exploited locally. At the time of this disclosure, versions before 4.0 are classified as End of Life. | |||||
CVE-2022-32576 | 1 Intel | 1 Unite | 2024-02-28 | N/A | 7.8 HIGH |
Uncontrolled search path in the Intel(R) Unite(R) Plugin SDK before version 4.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2022-48422 | 2 Linux, Onlyoffice | 2 Linux Kernel, Document Server | 2024-02-28 | N/A | 7.8 HIGH |
ONLYOFFICE Docs through 7.3 on certain Linux distributions allows local users to gain privileges via a Trojan horse libgcc_s.so.1 in the current working directory, which may be any directory in which an ONLYOFFICE document is located. | |||||
CVE-2022-28686 | 1 Aveva | 1 Aveva Edge | 2024-02-28 | N/A | 7.8 HIGH |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of APP files. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17114. | |||||
CVE-2023-29011 | 1 Git For Windows Project | 1 Git For Windows | 2024-02-28 | N/A | 7.8 HIGH |
Git for Windows, the Windows port of Git, ships with an executable called `connect.exe`, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of `connect.exe`'s config file is hard-coded as `/etc/connectrc` which will typically be interpreted as `C:\etc\connectrc`. Since `C:\etc` can be created by any authenticated user, this makes `connect.exe` susceptible to malicious files being placed there by other users on the same multi-user machine. The problem has been patched in Git for Windows v2.40.1. As a workaround, create the folder `etc` on all drives where Git commands are run, and remove read/write access from those folders. Alternatively, watch out for malicious `<drive>:\etc\connectrc` files on multi-user machines. | |||||
CVE-2022-48222 | 1 Gbgplc | 1 Acuant Acufill Sdk | 2024-02-28 | N/A | 7.8 HIGH |
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During SDK installation, certutil.exe is called by the Acuant installer to install certificates. This window is not hidden, and is running with elevated privileges. A standard user can break out of this window, obtaining a full SYSTEM command prompt window. This results in complete compromise via arbitrary SYSTEM code execution (elevation of privileges). | |||||
CVE-2023-22355 | 1 Intel | 29 Advisor, Cpu Runtime, Distribution For Python and 26 more | 2024-02-28 | N/A | 7.8 HIGH |
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2022-38745 | 1 Apache | 1 Openoffice | 2024-02-28 | N/A | 7.8 HIGH |
Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory. | |||||
CVE-2023-29187 | 1 Sap | 1 Sapsetup | 2024-02-28 | N/A | 6.7 MEDIUM |
A Windows user with basic user authorization can exploit a DLL hijacking attack in SapSetup (Software Installation Program) - version 9.0, resulting in a privilege escalation running code as administrator of the very same Windows PC. A successful attack depends on various preconditions beyond the attackers control. | |||||
CVE-2022-41982 | 1 Intel | 1 Vtune Profiler | 2024-02-28 | N/A | 7.8 HIGH |
Uncontrolled search path element in the Intel(R) VTune(TM) Profiler software before version 2023.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2022-28688 | 1 Aveva | 1 Aveva Edge | 2024-02-28 | N/A | 7.8 HIGH |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of APP files. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17201. | |||||
CVE-2023-28759 | 1 Veritas | 1 Netbackup | 2024-02-28 | N/A | 7.8 HIGH |
An issue was discovered in Veritas NetBackup before 10.0 on Windows. A vulnerability in the way the client validates the path to a DLL prior to loading may allow a lower-level user to elevate privileges and compromise the system. | |||||
CVE-2023-25005 | 1 Autodesk | 1 Infraworks | 2024-02-28 | N/A | 7.8 HIGH |
A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability. | |||||
CVE-2022-27180 | 1 Intel | 1 Maccpuid | 2024-02-28 | N/A | 7.8 HIGH |
Uncontrolled search path in the Intel(R) MacCPUID software before version 3.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2022-41628 | 2 Intel, Microsoft | 15 Nuc P14e Laptop Element, Windows 10 1507, Windows 10 1511 and 12 more | 2024-02-28 | N/A | 7.8 HIGH |
Uncontrolled search path element in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2023-29012 | 1 Git For Windows Project | 1 Git For Windows | 2024-02-28 | N/A | 7.8 HIGH |
Git for Windows is the Windows port of Git. Prior to version 2.40.1, any user of Git CMD who starts the command in an untrusted directory is impacted by an Uncontrolles Search Path Element vulnerability. Maliciously-placed `doskey.exe` would be executed silently upon running Git CMD. The problem has been patched in Git for Windows v2.40.1. As a workaround, avoid using Git CMD or, if using Git CMD, avoid starting it in an untrusted directory. | |||||
CVE-2023-31543 | 1 Pipreqs Project | 1 Pipreqs | 2024-02-28 | N/A | 9.8 CRITICAL |
A dependency confusion in pipreqs v0.3.0 to v0.4.11 allows attackers to execute arbitrary code via uploading a crafted PyPI package to the chosen repository server. | |||||
CVE-2022-48225 | 1 Gbgplc | 1 Acuant Acufill Sdk | 2024-02-28 | N/A | 7.3 HIGH |
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. It is used to install drivers from several different vendors. The Gemalto Document Reader child installation process is vulnerable to DLL hijacking, because it attempts to execute (with elevated privileges) multiple non-existent DLLs out of a non-existent standard-user writable location. | |||||
CVE-2023-25428 | 1 Soft-o | 1 Free Password Manager | 2024-02-28 | N/A | 7.8 HIGH |
A DLL Hijacking issue discovered in Soft-o Free Password Manager 1.1.20 allows attackers to create arbitrary DLLs leading to code execution. | |||||
CVE-2023-28596 | 1 Zoom | 1 Meetings | 2024-02-28 | N/A | 7.8 HIGH |
Zoom Client for IT Admin macOS installers before version 5.13.5 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability in an attack chain during the installation process to escalate their privileges to privileges to root. |