Total
785 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-41141 | 1 Windscribe | 1 Windscribe | 2023-02-03 | N/A | 7.8 HIGH |
| This vulnerability allows local attackers to escalate privileges on affected installations of Windscribe. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-16859. | |||||
| CVE-2019-4473 | 1 Ibm | 1 Java | 2023-01-31 | 4.6 MEDIUM | 7.8 HIGH |
| Multiple binaries in IBM SDK, Java Technology Edition 7, 7R, and 8 on the AIX platform use insecure absolute RPATHs, which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 163984. | |||||
| CVE-2019-6564 | 1 Ge | 1 Ge Communicator | 2023-01-31 | 6.9 MEDIUM | 7.8 HIGH |
| GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to place malicious files within the installer file directory, which may allow an attacker to gain administrative privileges on a system during installation or upgrade. | |||||
| CVE-2019-6534 | 1 Gemalto | 1 Sentinel Ultrapro Client Library | 2023-01-31 | 6.8 MEDIUM | 7.8 HIGH |
| The uncontrolled search path element vulnerability in Gemalto Sentinel UltraPro Client Library ux32w.dll Versions 1.3.0, 1.3.1, and 1.3.2 enables an attacker to load and execute a malicious file. | |||||
| CVE-2019-4094 | 2 Ibm, Linux | 2 Db2, Linux Kernel | 2023-01-30 | 7.2 HIGH | 7.8 HIGH |
| IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege user full access to root by loading a malicious shared library. IBM X-Force ID: 158014. | |||||
| CVE-2020-12423 | 2 Microsoft, Mozilla | 2 Windows, Firefox | 2023-01-30 | 6.9 MEDIUM | 7.8 HIGH |
| When the Windows DLL "webauthn.dll" was missing from the Operating System, and a malicious one was placed in a folder in the user's %PATH%, Firefox may have loaded the DLL, leading to arbitrary code execution. *Note: This issue only affects the Windows operating system; other operating systems are unaffected.* This vulnerability affects Firefox < 78. | |||||
| CVE-2020-14349 | 2 Opensuse, Postgresql | 2 Leap, Postgresql | 2023-01-24 | 4.6 MEDIUM | 7.1 HIGH |
| It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the user used for replication. | |||||
| CVE-2023-0247 | 1 Bloom Project | 1 Bloom | 2023-01-20 | N/A | 7.8 HIGH |
| Uncontrolled Search Path Element in GitHub repository bits-and-blooms/bloom prior to 3.3.1. | |||||
| CVE-2019-4447 | 3 Ibm, Linux, Microsoft | 3 Db2 High Performance Unload Load, Linux Kernel, Windows | 2022-12-02 | 7.2 HIGH | 7.8 HIGH |
| IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum_debug is a setuid root binary which trusts the PATH environment variable. A low privileged user can execute arbitrary commands as root by altering the PATH variable to point to a user controlled location. When a crash is induced the trojan gdb command is executed. IBM X-Force ID: 163488. | |||||
| CVE-2019-6546 | 1 Ge | 1 Ge Communicator | 2022-11-30 | 6.8 MEDIUM | 7.8 HIGH |
| GE Communicator, all versions prior to 4.0.517, allows an attacker to place malicious files within the working directory of the program, which may allow an attacker to manipulate widgets and UI elements. | |||||
| CVE-2021-43037 | 1 Kaseya | 1 Unitrends Backup | 2022-11-28 | 6.9 MEDIUM | 7.8 HIGH |
| An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The Unitrends Windows agent was vulnerable to DLL injection and binary planting due to insecure default permissions. This allowed privilege escalation from an unprivileged user to SYSTEM. | |||||
| CVE-2022-28766 | 1 Zoom | 2 Meetings, Rooms | 2022-11-22 | N/A | 7.3 HIGH |
| Windows 32-bit versions of the Zoom Client for Meetings before 5.12.6 and Zoom Rooms for Conference Room before version 5.12.6 are susceptible to a DLL injection vulnerability. A local low-privileged user could exploit this vulnerability to run arbitrary code in the context of the Zoom client. | |||||
| CVE-2022-36924 | 1 Zoom | 1 Rooms | 2022-11-22 | N/A | 7.8 HIGH |
| The Zoom Rooms Installer for Windows prior to 5.12.6 contains a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to the SYSTEM user. | |||||
| CVE-2019-3881 | 1 Bundler | 1 Bundler | 2022-11-08 | 4.4 MEDIUM | 7.8 HIGH |
| Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an attacker could place malicious code in this directory that would be later loaded and executed. | |||||
| CVE-2022-44744 | 1 Acronis | 1 Cyber Protect Home Office | 2022-11-08 | N/A | 7.3 HIGH |
| Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107. | |||||
| CVE-2017-20052 | 1 Python | 1 Python | 2022-11-05 | 4.4 MEDIUM | 7.8 HIGH |
| A vulnerability classified as problematic was found in Python 2.7.13. This vulnerability affects unknown code of the component pgAdmin4. The manipulation leads to uncontrolled search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-32223 | 2 Microsoft, Nodejs | 2 Windows, Node.js | 2022-10-28 | N/A | 7.3 HIGH |
| Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine:* OpenSSL has been installed and “C:\Program Files\Common Files\SSL\openssl.cnf” exists.Whenever the above conditions are present, `node.exe` will search for `providers.dll` in the current user directory.After that, `node.exe` will try to search for `providers.dll` by the DLL Search Order in Windows.It is possible for an attacker to place the malicious file `providers.dll` under a variety of paths and exploit this vulnerability. | |||||
| CVE-2022-36840 | 1 Samsung | 1 Update | 2022-10-27 | N/A | 7.8 HIGH |
| DLL hijacking vulnerability in Samsung Update Setup prior to version 2.2.9.50 allows attackers to execute arbitrary code. | |||||
| CVE-2021-37617 | 1 Nextcloud | 1 Desktop | 2022-10-25 | 4.4 MEDIUM | 7.3 HIGH |
| The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. The Nextcloud Desktop Client invokes its uninstaller script when being installed to make sure there are no remnants of previous installations. In versions 3.0.3 through 3.2.4, the Client searches the `Uninstall.exe` file in a folder that can be written by regular users. This could lead to a case where a malicious user creates a malicious `Uninstall.exe`, which would be executed with administrative privileges on the Nextcloud Desktop Client installation. This issue is fixed in Nextcloud Desktop Client version 3.3.0. As a workaround, do not allow untrusted users to create content in the `C:\` system folder and verify that there is no malicious `C:\Uninstall.exe` file on the system. | |||||
| CVE-2020-25238 | 1 Siemens | 2 Simatic Process Control System Neo, Totally Integrated Automation Portal | 2022-10-21 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability has been identified in PCS neo (Administration Console) (All versions < V3.1), TIA Portal (V15, V15.1 and V16). Manipulating certain files in specific folders could allow a local attacker to execute code with SYSTEM privileges. The security vulnerability could be exploited by an attacker with a valid account and limited access rights on the system. | |||||