Total
757 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-30117 | 1 Hcltech | 1 Bigfix Platform | 2024-10-17 | N/A | 5.3 MEDIUM |
| A dynamic search for a prerequisite library could allow the possibility for an attacker to replace the correct file under some circumstances. | |||||
| CVE-2024-45710 | 1 Solarwinds | 1 Solarwinds Platform | 2024-10-17 | N/A | 7.8 HIGH |
| SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation vulnerability. This requires a low privilege account and local access to the affected node machine. | |||||
| CVE-2024-4089 | 1 Lenovo | 1 Superfile | 2024-10-17 | N/A | 7.8 HIGH |
| A DLL hijack vulnerability was reported in Lenovo Super File that could allow a local attacker to execute code with elevated privileges. | |||||
| CVE-2024-4130 | 1 Lenovo | 1 App Store | 2024-10-17 | N/A | 7.8 HIGH |
| A DLL hijack vulnerability was reported in Lenovo App Store that could allow a local attacker to execute code with elevated privileges. | |||||
| CVE-2024-4131 | 1 Lenovo | 1 Emulator | 2024-10-17 | N/A | 7.8 HIGH |
| A DLL hijack vulnerability was reported in Lenovo Emulator that could allow a local attacker to execute code with elevated privileges. | |||||
| CVE-2024-4132 | 1 Lenovo | 1 Lock Screen | 2024-10-17 | N/A | 7.8 HIGH |
| A DLL hijack vulnerability was reported in Lenovo Lock Screen that could allow a local attacker to execute code with elevated privileges. | |||||
| CVE-2024-9046 | 1 Lenovo | 1 Starstudio | 2024-10-17 | N/A | 7.8 HIGH |
| A DLL hijack vulnerability was reported in Lenovo stARstudio that could allow a local attacker to execute code with elevated privileges. | |||||
| CVE-2024-47194 | 1 Siemens | 2 Modelsim, Questa | 2024-10-16 | N/A | 7.3 HIGH |
| A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). vish2.exe in affected applications allows a specific DLL file to be loaded from the current working directory. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch vish2.exe from a user-writable directory. | |||||
| CVE-2024-47195 | 1 Siemens | 2 Modelsim, Questa | 2024-10-16 | N/A | 7.3 HIGH |
| A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). gdb.exe in affected applications allows a specific executable file to be loaded from the current working directory. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch gdb.exe from a user-writable directory. | |||||
| CVE-2024-47196 | 1 Siemens | 2 Modelsim, Questa | 2024-10-16 | N/A | 7.3 HIGH |
| A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). vsimk.exe in affected applications allows a specific tcl file to be loaded from the current working directory. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch vsimk.exe from a user-writable directory. | |||||
| CVE-2024-33579 | 2024-10-15 | N/A | 7.8 HIGH | ||
| A DLL hijack vulnerability was reported in Lenovo Baiying that could allow a local attacker to execute code with elevated privileges. | |||||
| CVE-2024-33580 | 2024-10-15 | N/A | 7.8 HIGH | ||
| A DLL hijack vulnerability was reported in Lenovo Personal Cloud that could allow a local attacker to execute code with elevated privileges. | |||||
| CVE-2024-33578 | 2024-10-15 | N/A | 7.8 HIGH | ||
| A DLL hijack vulnerability was reported in Lenovo Leyun that could allow a local attacker to execute code with elevated privileges. | |||||
| CVE-2024-33582 | 2024-10-15 | N/A | 7.8 HIGH | ||
| A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges. | |||||
| CVE-2024-33581 | 2024-10-15 | N/A | 7.8 HIGH | ||
| A DLL hijack vulnerability was reported in Lenovo PC Manager AI intelligent scenario that could allow a local attacker to execute code with elevated privileges. | |||||
| CVE-2024-45246 | 2024-10-07 | N/A | 7.3 HIGH | ||
| Diebold Nixdorf – CWE-427: Uncontrolled Search Path Element | |||||
| CVE-2024-6510 | 1 Avg | 1 Internet Security | 2024-10-02 | N/A | 7.8 HIGH |
| Local Privilege Escalation in AVG Internet Security v24 on Windows allows a local unprivileged user to escalate privileges to SYSTEM via COM-Hijacking. | |||||
| CVE-2024-44168 | 1 Apple | 1 Macos | 2024-09-26 | N/A | 5.5 MEDIUM |
| A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file system. | |||||
| CVE-2024-34153 | 1 Intel | 1 Raid Web Console | 2024-09-23 | N/A | 7.8 HIGH |
| Uncontrolled search path element in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-39613 | 1 Mattermost | 1 Mattermost Desktop | 2024-09-20 | N/A | 7.8 HIGH |
| Mattermost Desktop App versions <=5.8.0 fail to specify an absolute path when searching the cmd.exe file, which allows a local attacker who is able to put an cmd.exe file in the Downloads folder of a user's machine to cause remote code execution on that machine. | |||||