Total
800 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-4894 | 2 Hp, Samsung | 2046 1vr14a, 1vr14a Firmware, 209u7a and 2043 more | 2024-08-03 | 7.3 High |
| Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element. | ||||
| CVE-2022-3859 | 1 Trellix | 1 Agent | 2024-08-03 | 6.7 Medium |
| An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL there. | ||||
| CVE-2022-2313 | 1 Mcafee | 1 Agent | 2024-08-03 | 8.2 High |
| A DLL hijacking vulnerability in the MA Smart Installer for Windows prior to 5.7.7, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL into the folder from where the Smart installer is being executed. | ||||
| CVE-2022-2334 | 1 Softing | 6 Edgeaggregator, Edgeconnector, Opc and 3 more | 2024-08-03 | 7.2 High |
| The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22. | ||||
| CVE-2022-1824 | 1 Mcafee | 1 Consumer Product Removal Tool | 2024-08-03 | 7.9 High |
| An uncontrolled search path vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local attacker to perform a sideloading attack by using a specific file name. This could result in the user gaining elevated permissions and being able to execute arbitrary code as there were insufficient checks on the executable being signed by McAfee. | ||||
| CVE-2022-0192 | 1 Lenovo | 1 Pcmanager | 2024-08-02 | 7.3 High |
| A DLL search path vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175 that could allow privilege escalation. | ||||
| CVE-2022-0166 | 1 Mcafee | 1 Agent | 2024-08-02 | 7.8 High |
| A privilege escalation vulnerability in the McAfee Agent prior to 5.7.5. McAfee Agent uses openssl.cnf during the build process to specify the OPENSSLDIR variable as a subdirectory within the installation directory. A low privilege user could have created subdirectories and executed arbitrary code with SYSTEM privileges by creating the appropriate pathway to the specifically created malicious openssl.cnf file. | ||||
| CVE-2022-0129 | 1 Mcafee | 1 Techcheck | 2024-08-02 | 7.4 High |
| Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process was run from. | ||||
| CVE-2023-51711 | 1 Regify | 1 Regipay | 2024-08-02 | 7.8 High |
| An issue was discovered in Regify Regipay Client for Windows version 4.5.1.0 allows DLL hijacking: a user can trigger the execution of arbitrary code every time the product is executed. | ||||
| CVE-2023-51710 | 2024-08-02 | 4.2 Medium | ||
| EMS SQL Manager 3.6.2 (build 55333) for Oracle allows DLL hijacking: a user can trigger the execution of arbitrary code every time the product is executed. | ||||
| CVE-2023-48861 | 2 Baidu, Microsoft | 2 Ttplayer, Windows | 2024-08-02 | 7.8 High |
| DLL hijacking vulnerability in TTplayer version 7.0.2, allows local attackers to escalate privileges and execute arbitrary code via urlmon.dll. | ||||
| CVE-2023-48677 | 2 Acronis, Microsoft | 2 Cyber Protect Home Office, Windows | 2024-08-02 | 7.8 High |
| Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901. | ||||
| CVE-2023-47454 | 1 Netease | 1 Cloudmusic | 2024-08-02 | 7.8 High |
| An Untrusted search path vulnerability in NetEase CloudMusic 2.10.4 for Windows allows local users to gain escalated privileges through the urlmon.dll file in the current working directory. | ||||
| CVE-2023-47453 | 1 Sohu | 1 Video Player | 2024-08-02 | 7.8 High |
| An Untrusted search path vulnerability in Sohu Video Player 7.0.15.0 allows local users to gain escalated privileges through the version.dll file in the current working directory. | ||||
| CVE-2023-47452 | 1 Notepad-plus-plus | 1 Notepad\+\+ | 2024-08-02 | 7.8 High |
| An Untrusted search path vulnerability in notepad++ 6.5 allows local users to gain escalated privileges through the msimg32.dll file in the current working directory. | ||||
| CVE-2023-45743 | 2024-08-02 | 6.7 Medium | ||
| Uncontrolled search path in some Intel(R) DSA software uninstallers before version 23.4.39.10 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-45320 | 2024-08-02 | 6.7 Medium | ||
| Uncontrolled search path element in some Intel(R) VTune(TM) Profiler software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-45252 | 2 Huddly, Microsoft | 2 Huddlycameraservice, Windows | 2024-08-02 | 7.8 High |
| DLL Hijacking vulnerability in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, due to the installation of the service in a directory that grants write privileges to standard users, allows attackers to manipulate files, execute arbitrary code, and escalate privileges. | ||||
| CVE-2023-45248 | 2 Acronis, Microsoft | 2 Agent, Windows | 2024-08-02 | 7.3 High |
| Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 36497, Acronis Cyber Protect 16 (Windows) before build 37391. | ||||
| CVE-2023-43751 | 1 Intel | 1 Graphics Windows Dch Driver Software | 2024-08-02 | 6.7 Medium |
| Uncontrolled search path in Intel(R) Graphics Command Center Service bundled in some Intel(R) Graphics Windows DCH driver software before versions 31.0.101.3790/31.0.101.2114 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||