Total
521 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-11771 | 1 Eclipse | 1 Openj9 | 2024-08-04 | 7.8 High |
| AIX builds of Eclipse OpenJ9 before 0.15.0 contain unused RPATHs which may facilitate code injection and privilege elevation by local users. | ||||
| CVE-2019-11660 | 1 Microfocus | 1 Data Protector | 2024-08-04 | 7.8 High |
| Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges. | ||||
| CVE-2019-11351 | 1 Teamspeak | 1 Teamspeak | 2024-08-04 | N/A |
| TeamSpeak 3 Client before 3.2.5 allows remote code execution in the Qt framework. | ||||
| CVE-2019-10971 | 1 Omron | 1 Network Configurator For Devicenet Safety | 2024-08-04 | N/A |
| The application (Network Configurator for DeviceNet Safety 3.41 and prior) searches for resources by means of an untrusted search path that could execute a malicious .dll file not under the application's direct control and outside the intended directories. | ||||
| CVE-2019-9798 | 2 Google, Mozilla | 2 Android, Firefox | 2024-08-04 | N/A |
| On Android systems, Firefox can load a library from APITRACE_LIB, which is writable by all users and applications. This could allow malicious third party applications to execute a man-in-the-middle attack if a malicious code was written to that location and loaded. *Note: This issue only affects Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 66. | ||||
| CVE-2019-9492 | 2 Microsoft, Trendmicro | 2 Windows, Officescan | 2024-08-04 | N/A |
| A DLL side-loading vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow an authenticated attacker to gain code execution and terminate the product's process - disabling endpoint protection. The attacker must have already gained authentication and have local access to the vulnerable system. | ||||
| CVE-2019-8801 | 1 Apple | 2 Itunes, Mac Os X | 2024-08-04 | 7.8 High |
| A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching. This issue is fixed in macOS Catalina 10.15.1, iTunes for Windows 12.10.2. Running the iTunes installer in an untrusted directory may result in arbitrary code execution. | ||||
| CVE-2019-8461 | 1 Checkpoint | 3 Capsule Docs Standalone Client, Endpoint Security, Remote Access Clients | 2024-08-04 | N/A |
| Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with write permissions to the user. | ||||
| CVE-2019-8453 | 1 Checkpoint | 1 Zonealarm | 2024-08-04 | N/A |
| Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. This can allow a local attacker to replace a DLL file with a malicious one and cause Denial of Service to the client. | ||||
| CVE-2019-6826 | 1 Schneider-electric | 1 Somachine Hvac | 2024-08-04 | 7.8 High |
| A CWE-426: Untrusted Search Path vulnerability exists in SoMachine HVAC v2.4.1 and earlier versions, which could cause arbitrary code execution on the system running SoMachine HVAC when a malicious DLL library is loaded by the product. | ||||
| CVE-2019-6724 | 4 Apple, Barracuda, Linux and 1 more | 4 Mac Os X, Vpn Client, Linux Kernel and 1 more | 2024-08-04 | N/A |
| The barracudavpn component of the Barracuda VPN Client prior to version 5.0.2.7 for Linux, macOS, and OpenBSD runs as a privileged process and can allow an unprivileged local attacker to load a malicious library, resulting in arbitrary code executing as root. | ||||
| CVE-2019-6019 | 1 Ipa | 1 Stamp Workbench | 2024-08-04 | 7.8 High |
| Untrusted search path vulnerability in STAMP Workbench installer all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2019-5958 | 1 Soumu | 1 Electronic Reception And Examination Of Application For Radio Licenses | 2024-08-04 | N/A |
| Untrusted search path vulnerability in Electronic reception and examination of application for radio licenses Offline 1.0.9.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2019-5957 | 1 Soumu | 1 Electronic Reception And Examination Of Application For Radio Licenses | 2024-08-04 | N/A |
| Untrusted search path vulnerability in Installer of Electronic reception and examination of application for radio licenses Online 1.0.9.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2019-5921 | 1 Microsoft | 1 Windows 7 | 2024-08-04 | N/A |
| Untrusted search path vulnerability in Windows 7 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2019-5911 | 2 Micco, Microsoft | 2 Unlha32.dll, Windows | 2024-08-04 | N/A |
| Untrusted search path vulnerability in the installer of UNLHA32.DLL (UNLHA32.DLL for Win32 Ver 2.67.1.2 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2019-5922 | 1 Microsoft | 1 Teams | 2024-08-04 | N/A |
| Untrusted search path vulnerability in The installer of Microsoft Teams allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2019-5913 | 2 Micco, Microsoft | 2 Lhmelting, Windows | 2024-08-04 | N/A |
| Untrusted search path vulnerability in the installer of LHMelting (LHMelting for Win32 Ver 1.65.3.6 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2019-5912 | 2 Micco, Microsoft | 2 Unarj32.dll, Windows | 2024-08-04 | N/A |
| Untrusted search path vulnerability in the installer of UNARJ32.DLL (UNARJ32.DLL for Win32 Ver 1.10.1.25 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2019-5429 | 3 Debian, Fedoraproject, Filezilla-project | 3 Debian Linux, Fedora, Filezilla Client | 2024-08-04 | 7.8 High |
| Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory. | ||||