Export limit exceeded: 363826 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (2568 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-1000475 1 Freesshd 1 Freesshd 2024-11-21 N/A
FreeSSHd 1.3.1 version is vulnerable to an Unquoted Path Service allowing local users to launch processes with elevated privileges.
CVE-2016-6593 1 Symantec 1 Vip Access Desktop 2024-11-21 7.8 High
A code-execution vulnerability exists during startup in jhi.dll and otpiha.dll in Symantec VIP Access Desktop before 2.2.2, which could let local malicious users execute arbitrary code.
CVE-2016-6592 1 Symantec 1 Norton Download Manager 2024-11-21 7.8 High
A vulnerability was found in Symantec Norton Download Manager versions prior to 5.6. A remote user can create a specially crafted DLL file that, when placed on the target user's system, will cause the Norton Download Manager component to load the remote user's DLL instead of the intended DLL and execute arbitrary code when the Norton Download Manager component is run by the target user.
CVE-2016-5311 1 Symantec 9 Endpoint Protection, Endpoint Protection Cloud, Norton 360 and 6 more 2024-11-21 7.8 High
A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges.
CVE-2016-10837 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46).
CVE-2015-1014 1 Schneider-electric 3 Citectscada, Opc Factory Server, Scada Expert Vijeo Citect 2024-11-21 N/A
A successful exploit of these vulnerabilities requires the local user to load a crafted DLL file in the system directory on servers running Schneider Electric OFS v3.5 with version v7.40 of SCADA Expert Vijeo Citect/CitectSCADA, OFS v3.5 with version v7.30 of Vijeo Citect/CitectSCADA, and OFS v3.5 with version v7.20 of Vijeo Citect/CitectSCADA.. If the application attempts to open that file, the application could crash or allow the attacker to execute arbitrary code. Schneider Electric recommends vulnerable users upgrade the OFS to V3.5 and install the latest service pack (SP 6 or newer) for their associated version.
CVE-2014-3860 1 Xilisoft 1 Video Converter 2024-11-21 7.8 High
Xilisoft Video Converter Ultimate 7.8.1 build-20140505 has a DLL Hijacking vulnerability
CVE-2013-3942 1 Daum 1 Potplayer 2024-11-21 7.8 High
Potplayer prior to 1.5.39659: DLL Loading Arbitrary Code Execution Vulnerability
CVE-2013-3494 1 Umplayer Project 1 Umplayer 2024-11-21 7.8 High
A Code Execution Vulnerability exists in UMPlayer 0.98 in wintab32.dll due to insufficient path restrictions when loading external libraries. which could let a malicious user execute arbitrary code.
CVE-2013-2773 1 Gonitro 1 Nitropdf 2024-11-21 7.8 High
Nitro PDF 8.5.0.26: A specially crafted DLL file can facilitate Arbitrary Code Execution
CVE-2013-0725 1 Hexagongeospatial 1 Erdas Er Viewer 2024-11-21 7.8 High
ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities
CVE-2012-0945 1 Whoopsie-daisy Project 1 Whoopsie-daisy 2024-11-21 4.9 Medium
whoopsie-daisy before 0.1.26: Root user can remove arbitrary files
CVE-2011-4125 1 Calibre-ebook 1 Calibre 2024-11-21 9.8 Critical
A untrusted search path issue was found in Calibre at devices/linux_mount_helper.c leading to the ability of unprivileged users to execute any program as root.
CVE-2024-36507 1 Fortinet 2 Forticlient, Forticlientwindows 2024-11-14 6.7 Medium
A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0 allows an attacker to run arbitrary code via DLL hijacking and social engineering.
CVE-2024-47942 1 Siemens 1 Solid Edge Se2024 2024-11-13 7.3 High
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications suffer from a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system.
CVE-2024-9325 1 Intelbras 2 Incontrol, Incontrol Web 2024-11-04 7.8 High
A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This affects an unknown part of the file C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. Upgrading to version 2.21.58 is able to address this issue. It is recommended to upgrade the affected component. The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20.
CVE-2024-10093 2 Vso, Vso-software 2 Convertxtodvd, Convertxtodvd 2024-11-01 7.8 High
A vulnerability, which was classified as critical, was found in VSO ConvertXtoDvd 7.0.0.83. Affected is an unknown function in the library avcodec.dll of the file ConvertXtoDvd.exe. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-48605 1 Helakuru 1 Helakuru 2024-10-30 7.8 High
An issue in Helakuru Desktop Application v1.1 allows a local attacker to execute arbitrary code via the lack of proper validation of the wow64log.dll file.
CVE-2024-49390 1 Acronis 1 Cyber Files 2024-10-18 7.3 High
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24.
CVE-2024-49391 1 Acronis 1 Cyber Files 2024-10-18 7.3 High
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24.