Total
521 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-8169 | 3 Automount Project, Opensuse, Redhat | 7 Automount, Opensuse, Enterprise Linux and 4 more | 2024-08-06 | N/A |
| automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows local users to gain privileges via a Trojan horse program in the user home directory. | ||||
| CVE-2014-3860 | 1 Xilisoft | 1 Video Converter | 2024-08-06 | 7.8 High |
| Xilisoft Video Converter Ultimate 7.8.1 build-20140505 has a DLL Hijacking vulnerability | ||||
| CVE-2014-0315 | 1 Microsoft | 10 Windows 7, Windows 8, Windows 8.1 and 7 more | 2024-08-06 | N/A |
| Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse cmd.exe file in the current working directory, as demonstrated by a directory that contains a .bat or .cmd file, aka "Windows File Handling Vulnerability." | ||||
| CVE-2015-8264 | 1 F-secure | 1 F-secure Online Scanner | 2024-08-06 | N/A |
| Untrusted search path vulnerability in F-Secure Online Scanner allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folder as F-SecureOnlineScanner.exe. | ||||
| CVE-2015-6305 | 2 Cisco, Microsoft | 2 Anyconnect Secure Mobility Client, Windows | 2024-08-06 | N/A |
| Untrusted search path vulnerability in the CMainThread::launchDownloader function in vpndownloader.exe in Cisco AnyConnect Secure Mobility Client 2.0 through 4.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by dbghelp.dll, aka Bug ID CSCuv01279. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4211. | ||||
| CVE-2015-3987 | 1 Mcafee | 1 Epo Deep Command | 2024-08-06 | N/A |
| Multiple unquoted Windows search path vulnerabilities in the (1) Client Management and (2) Gateway in McAfee ePO Deep Command 2.1 and 2.2 before HF 1058831 allow local users to gain privileges via unspecified vectors. | ||||
| CVE-2015-3887 | 1 Proxychains-ng Project | 1 Proxychains-ng | 2024-08-06 | N/A |
| Untrusted search path vulnerability in ProxyChains-NG before 4.9 allows local users to gain privileges via a Trojan horse libproxychains4.so library in the current working directory, which is referenced in the LD_PRELOAD path. | ||||
| CVE-2015-0974 | 1 Mobilis | 1 Mobiconnect | 2024-08-06 | N/A |
| Untrusted search path vulnerability in ZTE Datacard MF19 0V1.0.0B04 allows local users to gain privilege by modifying the 'Ucell Internet' directory to reference a malicious mms_dll_r.dll or mediaplayerdll.dll. | ||||
| CVE-2015-0096 | 1 Microsoft | 9 Windows 7, Windows 8, Windows 8.1 and 6 more | 2024-08-06 | N/A |
| Untrusted search path vulnerability in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, leading to DLL loading during Windows Explorer access to the icon of a crafted shortcut, aka "DLL Planting Remote Code Execution Vulnerability." | ||||
| CVE-2016-10837 | 1 Cpanel | 1 Cpanel | 2024-08-06 | N/A |
| cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46). | ||||
| CVE-2016-10009 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2024-08-06 | N/A |
| Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket. | ||||
| CVE-2016-9274 | 1 Git For Windows Project | 1 Git For Windows | 2024-08-06 | 7.8 High |
| Untrusted search path vulnerability in Git 1.x for Windows allows local users to gain privileges via a Trojan horse git.exe file in the current working directory. NOTE: 2.x is unaffected. | ||||
| CVE-2016-8746 | 1 Apache | 1 Ranger | 2024-08-06 | N/A |
| Apache Ranger before 0.6.3 policy engine incorrectly matches paths in certain conditions when policy does not contain wildcards and has recursion flag set to true. | ||||
| CVE-2016-7838 | 1 Winsparkle | 1 Winsparkle | 2024-08-06 | N/A |
| Untrusted search path vulnerability in WinSparkle versions prior to 0.5.3 allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory. | ||||
| CVE-2016-7804 | 1 7-zip | 1 7-zip | 2024-08-06 | N/A |
| Untrusted search path vulnerability in 7 Zip for Windows 16.02 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2016-7300 | 1 Microsoft | 1 Auto Updater For Mac | 2024-08-06 | N/A |
| Untrusted search path vulnerability in Microsoft Auto Updater for Mac allows local users to gain privileges via a Trojan horse executable file, aka "Microsoft (MAU) Office Elevation of Privilege Vulnerability." | ||||
| CVE-2016-7085 | 2 Microsoft, Vmware | 3 Windows, Workstation Player, Workstation Pro | 2024-08-06 | N/A |
| Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2016-6593 | 1 Symantec | 1 Vip Access Desktop | 2024-08-06 | 7.8 High |
| A code-execution vulnerability exists during startup in jhi.dll and otpiha.dll in Symantec VIP Access Desktop before 2.2.2, which could let local malicious users execute arbitrary code. | ||||
| CVE-2016-6167 | 1 Putty | 1 Putty | 2024-08-06 | 7.8 High |
| Multiple untrusted search path vulnerabilities in Putty beta 0.67 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) UxTheme.dll or (2) ntmarta.dll file in the current working directory. | ||||
| CVE-2016-5330 | 3 Apple, Microsoft, Vmware | 7 Mac Os X, Windows, Esxi and 4 more | 2024-08-06 | 7.8 High |
| Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory. | ||||