Search Results (652 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-2189 1 Sharp 1 Rw-4040 2025-04-20 N/A
Untrusted search path vulnerability in RW-4040 driver installer for Windows 7 version 2.27 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-2212 1 Gsi 1 Tky2jgd 2025-04-20 N/A
Untrusted search path vulnerability in TKY2JGD (TKY2JGD1379.EXE) ver. 1.3.79 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-2214 1 Jiransoft 2 Appcheck, Appcheck Pro 2025-04-20 N/A
Untrusted search path vulnerability in AppCheck and AppCheck Pro prior to version 2.0.1.15 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory.
CVE-2017-2215 1 E-tax.nta 1 E-tax 2025-04-20 N/A
Untrusted search path vulnerability in Installer of "Setup file of advance preparation" (jizen_setup.exe) (The version which was available on the website prior to 2017 June 12) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-2230 1 Nilim 1 Road Construction Completion Diagram Check Program 2025-04-20 N/A
Untrusted search path vulnerability in Douro Kouji Kanseizutou Check Program Ver3.1 (cdrw_checker_3.1.0.lzh) and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-5235 1 Rapid7 1 Metasploit 2025-04-20 N/A
Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer.
CVE-2017-16997 2 Gnu, Redhat 5 Glibc, Enterprise Linux, Enterprise Linux Desktop and 2 more 2025-04-20 N/A
elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the "./" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.
CVE-2017-6768 1 Cisco 1 Application Policy Infrastructure Controller 2025-04-20 N/A
A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local attacker to gain root-level privileges. The vulnerability is due to a custom executable system file that was built to use relative search paths for libraries without properly validating the library to be loaded. An attacker could exploit this vulnerability by authenticating to the device and loading a malicious library that can escalate the privilege level. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device. The attacker must have valid user credentials to log in to the device. Cisco Bug IDs: CSCvc96087. Known Affected Releases: 1.1(0.920a), 1.1(1j), 1.1(3f); 1.2 Base, 1.2(2), 1.2(3), 1.2.2; 1.3(1), 1.3(2), 1.3(2f); 2.0 Base, 2.0(1).
CVE-2017-8137 1 Huawei 1 Hedex Lite 2025-04-20 N/A
HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path. An attacker could exploit this vulnerability to tamper with the DLL file, leading to DLL hijacking.
CVE-2017-11159 2 Microsoft, Synology 2 Windows, Photo Station Uploader 2025-04-20 N/A
Multiple untrusted search path vulnerabilities in installer in Synology Photo Station Uploader before 1.4.2-084 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.
CVE-2017-10892 1 Sony 1 Music Center 2025-04-20 N/A
Untrusted search path vulnerability in Music Center for PC version 1.0.00 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-10887 2 Bookwalker, Microsoft 2 Book Walker, Windows 2025-04-20 N/A
Untrusted search path vulnerability in BOOK WALKER for Windows Ver.1.2.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-12480 1 Sandboxie 1 Sandboxie Installer 2025-04-20 N/A
Sandboxie installer 5071703 has a DLL Hijacking or Unsafe DLL Loading Vulnerability via a Trojan horse dwmapi.dll or profapi.dll file in an AppData\Local\Temp directory.
CVE-2017-20123 2 Microsoft, Sparklabs 2 Windows, Viscosity 2025-04-15 8.8 High
A vulnerability was found in Viscosity 1.6.7. It has been classified as critical. This affects an unknown part of the component DLL Handler. The manipulation leads to untrusted search path. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.6.8 is able to address this issue. It is recommended to upgrade the affected component.
CVE-2023-36778 1 Microsoft 1 Exchange Server 2025-04-14 8 High
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-36780 1 Microsoft 1 Skype For Business Server 2025-04-14 7.2 High
Skype for Business Remote Code Execution Vulnerability
CVE-2023-41766 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 7.8 High
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
CVE-2016-1014 6 Adobe, Apple, Google and 3 more 14 Air Desktop Runtime, Air Sdk, Air Sdk \& Compiler and 11 more 2025-04-12 7.3 High
Untrusted search path vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows local users to gain privileges via a Trojan horse resource in an unspecified directory.
CVE-2016-1531 1 Exim 1 Exim 2025-04-12 N/A
Exim before 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument.
CVE-2014-0315 1 Microsoft 10 Windows 7, Windows 8, Windows 8.1 and 7 more 2025-04-12 N/A
Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse cmd.exe file in the current working directory, as demonstrated by a directory that contains a .bat or .cmd file, aka "Windows File Handling Vulnerability."