Total
800 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-20722 | 1 Fujitsu | 1 Scansnap Manager | 2024-08-03 | 7.8 High |
| Untrusted search path vulnerability in the installers of ScanSnap Manager prior to versions V7.0L20 and the Software Download Installer prior to WinSSInst2JP.exe and WinSSInst2iX1500JP.exe allows an attacker to gain privileges and execute arbitrary code with the privilege of the user invoking the installer via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2021-20674 | 1 Ntt-tx | 1 Magicconnect | 2024-08-03 | 7.8 High |
| Untrusted search path vulnerability in Installer of MagicConnect Client program distributed before 2021 March 1 allows an attacker to gain privileges and via a Trojan horse DLL in an unspecified directory and to execute arbitrary code with the privilege of the user invoking the installer when a terminal is connected remotely using Remote desktop. | ||||
| CVE-2021-20616 | 1 Skygroup | 1 Skysea Client View | 2024-08-03 | 7.8 High |
| Untrusted search path vulnerability in the installer of SKYSEA Client View Ver.1.020.05b to Ver.16.001.01g allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2021-20051 | 1 Sonicwall | 1 Global Vpn Client | 2024-08-03 | 7.8 High |
| SonicWall Global VPN Client 4.10.7.1117 installer (32-bit and 64-bit) and earlier versions have a DLL Search Order Hijacking vulnerability in one of the installer components. Successful exploitation via a local attacker could result in command execution in the target system. | ||||
| CVE-2021-20047 | 1 Sonicwall | 1 Global Vpn Client | 2024-08-03 | 7.8 High |
| SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and earlier have a DLL Search Order Hijacking vulnerability. Successful exploitation via a local attacker could result in remote code execution in the target system. | ||||
| CVE-2021-3840 | 1 Lenovo | 1 Antilles | 2024-08-03 | 8.8 High |
| A dependency confusion vulnerability was reported in the Antilles open-source software prior to version 1.0.1 that could allow for remote code execution during installation due to a package listed in requirements.txt not existing in the public package index (PyPi). MITRE classifies this weakness as an Uncontrolled Search Path Element (CWE-427) in which a private package dependency may be replaced by an unauthorized package of the same name published to a well-known public repository such as PyPi. The configuration has been updated to only install components built by Antilles, removing all other public package indexes. Additionally, the antilles-tools dependency has been published to PyPi. | ||||
| CVE-2021-3613 | 1 Openvpn | 1 Connect | 2024-08-03 | 7.8 High |
| OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process (OpenVPNConnect.exe). | ||||
| CVE-2021-3633 | 1 Lenovo | 1 Drivers Management | 2024-08-03 | 7.3 High |
| A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation. | ||||
| CVE-2021-3606 | 2 Microsoft, Openvpn | 2 Windows, Openvpn | 2024-08-03 | 7.8 High |
| OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process (openvpn.exe). | ||||
| CVE-2021-3550 | 1 Lenovo | 1 Pcmanager | 2024-08-03 | 7.8 High |
| A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.500.5102, that could allow privilege escalation. | ||||
| CVE-2021-3464 | 1 Lenovo | 1 Pcmanager | 2024-08-03 | 7.8 High |
| A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.400.3252, that could allow privilege escalation. | ||||
| CVE-2021-3115 | 5 Fedoraproject, Golang, Microsoft and 2 more | 7 Fedora, Go, Windows and 4 more | 2024-08-03 | 7.5 High |
| Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download). | ||||
| CVE-2021-1089 | 1 Nvidia | 1 Gpu Display Driver | 2024-08-03 | 7.8 High |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in nvidia-smi where an uncontrolled DLL loading path may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. | ||||
| CVE-2021-0169 | 1 Intel | 44 Amt Ac 8260, Amt Ac 8260 Firmware, Amt Ac 8265 and 41 more | 2024-08-03 | 6.7 Medium |
| Uncontrolled Search Path Element in software for Intel(R) PROSet/Wireless Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2021-0160 | 1 Intel | 6 Avermedia Capture Card, Nuc Pro Chassis Element Cmcm2fb, Nuc Pro Chassis Element Cmcm2fbav and 3 more | 2024-08-03 | 7.8 High |
| Uncontrolled search path in some Intel(R) NUC Pro Chassis Element AverMedia Capture Card drivers before version 3.0.64.143 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2021-0108 | 1 Intel | 1 Unite | 2024-08-03 | 7.3 High |
| Uncontrolled search path in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access. | ||||
| CVE-2021-0104 | 1 Intel | 1 Rapid Storage Technology | 2024-08-03 | 7.8 High |
| Uncontrolled search path element in the installer for the Intel(R) Rapid Storage Technology software, before versions 17.9.0.34, 18.0.0.640 and 18.1.0.24, may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2021-0090 | 1 Intel | 1 Driver \& Support Assistant | 2024-08-03 | 7.3 High |
| Uncontrolled search path element in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access. | ||||
| CVE-2021-0057 | 1 Intel | 4 Lapbc510, Lapbc510 Firmware, Lapbc710 and 1 more | 2024-08-03 | 7.8 High |
| Uncontrolled search path in the Intel(R) NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2021-0082 | 1 Intel | 30 7265, 7265 Firmware, Ac1550 and 27 more | 2024-08-03 | 7.8 High |
| Uncontrolled search path in software installer for Intel(R) PROSet/Wireless WiFi in Windows 10 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||