Total
760 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-9546 | 1 Solarwinds | 1 Orion Platform | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service. | |||||
| CVE-2019-9491 | 2 Microsoft, Trendmicro | 2 Windows, Anti-threat Toolkit | 2024-11-21 | 5.1 MEDIUM | 7.8 HIGH |
| Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed. | |||||
| CVE-2019-9116 | 2 Microsoft, Sublimetext | 2 Windows 7, Sublime Text 3 | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| DLL hijacking is possible in Sublime Text 3 version 3.1.1 build 3176 on 32-bit Windows platforms because a Trojan horse api-ms-win-core-fibers-l1-1-1.dll or api-ms-win-core-localization-l1-2-1.dll file may be loaded if a victim uses sublime_text.exe to open a .txt file within an attacker's %LOCALAPPDATA%\Temp\sublime_text folder. NOTE: the vendor's position is "This does not appear to be a bug with Sublime Text, but rather one with Windows that has been patched. | |||||
| CVE-2019-8076 | 1 Adobe | 1 Application Manager | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe application manager installer version 10.0 have an Insecure Library Loading (DLL hijacking) vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user. | |||||
| CVE-2019-8062 | 1 Adobe | 1 After Effects | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe After Effects versions 16 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7962 | 3 Adobe, Apple, Microsoft | 3 Illustrator Cc, Macos, Windows | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| Adobe Illustrator CC versions 23.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. | |||||
| CVE-2019-7961 | 1 Adobe | 1 Prelude Cc | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Prelude CC versions 8.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7960 | 3 Adobe, Apple, Microsoft | 3 Animate Cc, Macos, Windows | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. | |||||
| CVE-2019-7956 | 2 Adobe, Microsoft | 2 Dreamweaver, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Dreamweaver direct download installer versions 19.0 and below, 18.0 and below have an Insecure Library Loading (DLL hijacking) vulnerability. Successful exploitation could lead to Privilege Escalation in the context of the current user. | |||||
| CVE-2019-7931 | 1 Adobe | 1 Premiere Pro Cc | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Premiere Pro CC versions 13.1.2 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7870 | 1 Adobe | 1 Character Animator | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Character Animator versions 2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7653 | 3 Canonical, Debian, Rdflib Project | 3 Ubuntu Linux, Debian Linux, Rdflib | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in this directory, as demonstrated by rdf2dot. This issue is specific to use of the debian/scripts directory. | |||||
| CVE-2019-7365 | 1 Autodesk | 1 Autodesk Desktop | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| DLL preloading vulnerability in Autodesk Desktop Application versions 7.0.16.29 and earlier. An attacker may trick a user into downloading a malicious DLL file into the working directory, which may then leverage a DLL preloading vulnerability and execute code on the system. | |||||
| CVE-2019-7364 | 1 Autodesk | 11 Advance Steel, Autocad, Autocad Architecture and 8 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An attacker may trick a user into opening a malicious DWG file that may leverage a DLL preloading vulnerability in AutoCAD which may result in code execution. | |||||
| CVE-2019-7362 | 1 Autodesk | 1 Design Review | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| DLL preloading vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a DLL preloading vulnerability, which may result in code execution. | |||||
| CVE-2019-7093 | 2 Adobe, Microsoft | 2 Creative Cloud, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Creative Cloud Desktop Application (installer) versions 4.7.0.400 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. | |||||
| CVE-2019-6858 | 1 Schneider-electric | 1 Msx Configurator | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| A CWE-427:Uncontrolled Search Path Element vulnerability exists in MSX Configurator (Software Version prior to V1.0.8.1), which could cause privilege escalation when injecting a malicious DLL. | |||||
| CVE-2019-6825 | 1 Schneider-electric | 1 Proclima | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-427: Uncontrolled Search Path Element vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow a malicious DLL file, with the same name of any resident DLLs inside the software installation, to execute arbitrary code in all versions of ProClima prior to version 8.0.0. | |||||
| CVE-2019-6692 | 1 Fortinet | 1 Forticlient | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| A malicious DLL preload vulnerability in Fortinet FortiClient for Windows 6.2.0 and below allows a privileged attacker to perform arbitrary code execution via forging that DLL. | |||||
| CVE-2019-6564 | 1 Ge | 1 Ge Communicator | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
| GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to place malicious files within the installer file directory, which may allow an attacker to gain administrative privileges on a system during installation or upgrade. | |||||