Total
540 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-2266 | 1 Resume-next | 1 Filecapsule Deluxe Portable | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Encrypted files in self-decryption format created by FileCapsule Deluxe Portable Ver.1.0.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2214 | 1 Jiransoft | 2 Appcheck, Appcheck Pro | 2025-04-20 | 9.3 HIGH | 8.4 HIGH |
| Untrusted search path vulnerability in AppCheck and AppCheck Pro prior to version 2.0.1.15 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory. | |||||
| CVE-2017-5232 | 1 Rapid7 | 1 Nexpose | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| All editions of Rapid7 Nexpose installers prior to version 6.4.24 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | |||||
| CVE-2017-5234 | 1 Rapid7 | 1 Insight Collector | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Rapid7 Insight Collector installers prior to version 1.0.16 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | |||||
| CVE-2017-2107 | 1 Akky | 1 7-zip32.dll | 2025-04-20 | 6.9 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Self-extracting archive files created by 7-ZIP32.DLL 9.22.00.01 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-10909 | 1 Sony | 1 Music Center | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Music Center for PC version 1.0.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2193 | 1 Tera Term Project | 1 Tera Term | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of Tera Term 4.94 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-12252 | 1 Cisco | 1 Findit Network Discovery Utility | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to device availability, confidentiality, and integrity. The vulnerability is due to the application loading a malicious copy of a specific, nondefined DLL file instead of the DLL file it was expecting. An attacker could exploit this vulnerability by placing an affected DLL within the search path of the host system. An exploit could allow the attacker to load a malicious DLL file into the system, thus partially compromising confidentiality, integrity, and availability on the device. Cisco Bug IDs: CSCve89785. | |||||
| CVE-2016-7804 | 1 7-zip | 1 7-zip | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in 7 Zip for Windows 16.02 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-15566 | 1 Schedmd | 1 Slurm | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution. | |||||
| CVE-2017-2192 | 1 Sharp | 1 Rw-5100 | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in RW-5100 tool to verify execution environment for Windows 7 version 1.1.0.0 and RW-5100 tool to verify execution environment for Windows 8.1 version 1.2.0.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2208 | 1 Acquisition Technology And Logistics Agency | 1 Installer Of Electronic Tendering | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Installer of Electronic tendering and bid opening system available prior to June 12, 2017 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory. | |||||
| CVE-2017-2267 | 1 Resume-next | 1 Filecapsule Deluxe Portable | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in FileCapsule Deluxe Portable Ver.1.0.5.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2272 | 1 Hibara | 1 Attachecase | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Self-extracting encrypted files created by AttacheCase ver.3.2.2.6 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2207 | 1 Saat | 1 Personal | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| Untrusted search path vulnerability in the installer of SaAT Personal ver.1.0.10.272 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-11749 | 1 Internet-soft | 1 Ftp Commander | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| InternetSoft FTP Commander 8.02 and prior has an untrusted search path, allowing DLL hijacking via a Trojan horse dwmapi.dll file. | |||||
| CVE-2017-12480 | 1 Sandboxie | 1 Sandboxie Installer | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Sandboxie installer 5071703 has a DLL Hijacking or Unsafe DLL Loading Vulnerability via a Trojan horse dwmapi.dll or profapi.dll file in an AppData\Local\Temp directory. | |||||
| CVE-2016-4901 | 1 National Tax Agency | 1 E-tax | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in The installer of e-Tax Software all versions allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-12892 | 1 Foxitsoftware | 1 Pdf Compressor | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Foxit PDF Compressor installers from versions from 7.0.0.183 to 7.7.2.10 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | |||||
| CVE-2017-2149 | 1 Toshiba | 1 Flashair | 2025-04-20 | 9.3 HIGH | 8.8 HIGH |
| Untrusted search path vulnerability in installers of the software for SDHC/SDXC Memory Card with embedded NFC functionality Software Update Tool V1.00.03 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Configuration Software V3.0.2 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WE series<W-03>) V3.00.01, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WD/WC series<W-02>) V2.00.03 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WB/WL series) V1.00.04 and earlier, SDHC Memory Card with embedded TransferJet functionality Configuration Software V1.02 and earlier, SDHC Memory Card with embedded TransferJet functionality Software Update tool V1.00.06 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||