Vulnerabilities (CVE)

Filtered by CWE-426
Total 549 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-9673 1 Adobe 1 Coldfusion 2025-05-05 4.4 MEDIUM 7.8 HIGH
Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versions have a dll search-order hijacking vulnerability. Successful exploitation could lead to privilege escalation.
CVE-2020-9672 1 Adobe 1 Coldfusion 2025-05-05 4.4 MEDIUM 7.8 HIGH
Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versions have a dll search-order hijacking vulnerability. Successful exploitation could lead to privilege escalation.
CVE-2024-58250 2025-04-23 N/A 9.3 CRITICAL
The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges.
CVE-2017-2209 1 Santeikohyo 1 Installer Of Houkokusyo Sakusei Shien Tool 2025-04-20 6.8 MEDIUM 7.8 HIGH
Untrusted search path vulnerability in the installer of Houkokusyo Sakusei Shien Tool ver3.0.2 (For the first installation) (The version which was available on the website from 2017 April 4 to 2017 May 18) and ver2.0 and later (For the first installation) (The versions which were available on the website prior to 2017 April 4) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-2221 1 Baidu 1 Baidu Ime 2025-04-20 9.3 HIGH 7.8 HIGH
Untrusted search path vulnerability in Installer of Baidu IME Ver3.6.1.6 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-2108 1 Softbank 1 Primedrive Desktop Application 2025-04-20 7.2 HIGH 7.8 HIGH
Untrusted search path vulnerability in PrimeDrive Desktop Application 1.4.3 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-13070 1 Qnap 1 Qsync 2025-04-20 9.3 HIGH 7.8 HIGH
A DLL Hijacking vulnerability in QNAP Qsync for Windows (exe) version 4.2.2.0724 and earlier could allow remote attackers to execute arbitrary code on Windows machines.
CVE-2017-2190 1 Sharp 1 Rw-4040 2025-04-20 9.3 HIGH 7.8 HIGH
Untrusted search path vulnerability in RW-4040 tool to verify execution environment for Windows 7 version 1.2.0.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-2252 1 Sourcenext 1 File Compact 2025-04-20 9.3 HIGH 7.8 HIGH
Untrusted search path vulnerability in self-extracting archive files created by File Compact Ver.5 version 5.10 and earlier, Ver.6 version 6.02 and earlier, Ver.7 version 7.02 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-2107 1 Akky 1 7-zip32.dll 2025-04-20 6.9 MEDIUM 7.8 HIGH
Untrusted search path vulnerability in Self-extracting archive files created by 7-ZIP32.DLL 9.22.00.01 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-2212 1 Gsi 1 Tky2jgd 2025-04-20 9.3 HIGH 7.8 HIGH
Untrusted search path vulnerability in TKY2JGD (TKY2JGD1379.EXE) ver. 1.3.79 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-2207 1 Saat 1 Personal 2025-04-20 6.8 MEDIUM 8.8 HIGH
Untrusted search path vulnerability in the installer of SaAT Personal ver.1.0.10.272 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-6798 1 Trendmicro 1 Endpoint Sensor 2025-04-20 9.3 HIGH 7.8 HIGH
Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208.
CVE-2016-1417 1 Snort 1 Snort 2025-04-20 6.8 MEDIUM 8.8 HIGH
Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse tcapi.dll that is located in the same folder on a remote file share as a pcap file that is being processed.
CVE-2017-5235 1 Rapid7 1 Metasploit 2025-04-20 6.8 MEDIUM 7.8 HIGH
Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer.
CVE-2017-2265 1 Resume-next 1 Filecapsule Deluxe Portable 2025-04-20 9.3 HIGH 7.8 HIGH
Untrusted search path vulnerability in FileCapsule Deluxe Portable Ver.1.0.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-10830 1 Ntt 1 Security Setup Tool 2025-04-20 9.3 HIGH 7.8 HIGH
Untrusted search path vulnerability in Security Setup Tool all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-2193 1 Tera Term Project 1 Tera Term 2025-04-20 9.3 HIGH 7.8 HIGH
Untrusted search path vulnerability in the installer of Tera Term 4.94 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-10887 2 Bookwalker, Microsoft 2 Book Walker, Windows 2025-04-20 9.3 HIGH 7.8 HIGH
Untrusted search path vulnerability in BOOK WALKER for Windows Ver.1.2.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-2156 1 Vivaldi 1 Vivaldi Installer For Windows 2025-04-20 6.8 MEDIUM 7.8 HIGH
Untrusted search path vulnerability in Vivaldi installer for Windows prior to version 1.7.735.48 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory.