Total
785 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-34430 | 1 Intel | 1 Battery Life Diagnostic Tool | 2023-11-21 | N/A | 7.8 HIGH |
| Uncontrolled search path in some Intel Battery Life Diagnostic Tool software before version 2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-34350 | 1 Intel | 1 Extreme Tuning Utility | 2023-11-21 | N/A | 7.8 HIGH |
| Uncontrolled search path element in some Intel(R) XTU software before version 7.12.0.15 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-29504 | 1 Intel | 1 Realsense D400 Series Dynamic Calibration Tool | 2023-11-21 | N/A | 7.8 HIGH |
| Uncontrolled search path element in some Intel(R) RealSense(TM) Dynamic Calibration software before version 2.13.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-29161 | 1 Intel | 1 One Boot Flash Update | 2023-11-21 | N/A | 7.8 HIGH |
| Uncontrolled search path in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-32660 | 1 Intel | 2 Nuc Kit Nuc6i7kyk, Thunderbolt 3 Controller Firmware | 2023-11-20 | N/A | 7.3 HIGH |
| Uncontrolled search path in some Intel(R) NUC Kit NUC6i7KYK Thunderbolt(TM) 3 Firmware Update Tool installation software before version 46 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-33874 | 1 Intel | 7 Hid Event Filter Driver, Nuc 12 Pro Board Nuc12wsbv5, Nuc 12 Pro Board Nuc12wsbv7 and 4 more | 2023-11-20 | N/A | 7.3 HIGH |
| Uncontrolled search path in some Intel(R) NUC 12 Pro Kits & Mini PCs - NUC12WS Intel(R) HID Event Filter Driver installation software before version 2.2.2.1 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-31847 | 1 Mcafee | 1 Agent | 2023-11-15 | 6.9 MEDIUM | 7.8 HIGH |
| Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as the system user, through not correctly protecting a temporary directory used in the repair process and not checking the DLL signature. | |||||
| CVE-2021-31853 | 1 Mcafee | 1 Drive Encryption | 2023-11-15 | 4.6 MEDIUM | 7.8 HIGH |
| DLL Search Order Hijacking Vulnerability in McAfee Drive Encryption (MDE) prior to 7.3.0 HF2 (7.3.0.183) allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder. | |||||
| CVE-2022-1824 | 1 Mcafee | 1 Consumer Product Removal Tool | 2023-11-15 | 4.4 MEDIUM | 8.2 HIGH |
| An uncontrolled search path vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local attacker to perform a sideloading attack by using a specific file name. This could result in the user gaining elevated permissions and being able to execute arbitrary code as there were insufficient checks on the executable being signed by McAfee. | |||||
| CVE-2023-47113 | 2 Bleachbit, Microsoft | 2 Bleachbit, Windows | 2023-11-15 | N/A | 7.3 HIGH |
| BleachBit cleans files to free disk space and to maintain privacy. BleachBit for Windows up to version 4.4.2 is vulnerable to a DLL Hijacking vulnerability. By placing a DLL in the Folder c:\DLLs, an attacker can run arbitrary code on every execution of BleachBit for Windows. This issue has been patched in version 4.5.0. | |||||
| CVE-2023-0898 | 1 Ge | 1 Micom S1 Agile | 2023-11-14 | N/A | 7.3 HIGH |
| General Electric MiCOM S1 Agile is vulnerable to an attacker achieving code execution by placing malicious DLL files in the directory of the application. | |||||
| CVE-2023-31016 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2023-11-13 | N/A | 7.8 HIGH |
| NVIDIA GPU Display Driver for Windows contains a vulnerability where an uncontrolled search path element may allow an attacker to execute arbitrary code, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | |||||
| CVE-2023-44220 | 1 Sonicwall | 1 Netextender | 2023-11-07 | N/A | 7.3 HIGH |
| SonicWall NetExtender Windows (32-bit and 64-bit) client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. Successful exploitation via a local attacker could result in command execution in the target system. | |||||
| CVE-2023-36853 | 1 Keysight | 1 Geolocation Server | 2023-11-07 | N/A | 7.8 HIGH |
| ?In Keysight Geolocation Server v2.4.2 and prior, a low privileged attacker could create a local ZIP file containing a malicious script in any location. The attacker could abuse this to load a DLL with SYSTEM privileges. | |||||
| CVE-2023-34355 | 1 Intel | 2 Integrated Bmc Video Driver, Server Board M10jnp2sb | 2023-11-07 | N/A | 7.3 HIGH |
| Uncontrolled search path element for some Intel(R) Server Board M10JNP2SB integrated BMC video drivers before version 3.0 for Microsoft Windows and before version 1.13.4 for linux may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-31197 | 1 Intel | 1 Trace Analyzer And Collector | 2023-11-07 | N/A | 7.8 HIGH |
| Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-29151 | 1 Intel | 1 Platform Service Record Software Development Kit | 2023-11-07 | N/A | 7.8 HIGH |
| Uncontrolled search path element in some Intel(R) PSR SDK before version 1.0.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-28823 | 1 Intel | 29 Advisor For Oneapi, Cpu Runtime For Opencl Applications, Distribution For Python Programming Language and 26 more | 2023-11-07 | N/A | 7.3 HIGH |
| Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-28405 | 1 Intel | 1 Openvino | 2023-11-07 | N/A | 7.8 HIGH |
| Uncontrolled search path in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2022.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-28380 | 1 Intel | 1 Ai Hackathon | 2023-11-07 | N/A | 8.8 HIGH |
| Uncontrolled search path for the Intel(R) AI Hackathon software before version 2.0.0 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | |||||