Total
549 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-9673 | 1 Adobe | 1 Coldfusion | 2025-05-05 | 4.4 MEDIUM | 7.8 HIGH |
Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versions have a dll search-order hijacking vulnerability. Successful exploitation could lead to privilege escalation. | |||||
CVE-2020-9672 | 1 Adobe | 1 Coldfusion | 2025-05-05 | 4.4 MEDIUM | 7.8 HIGH |
Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versions have a dll search-order hijacking vulnerability. Successful exploitation could lead to privilege escalation. | |||||
CVE-2024-58250 | 2025-04-23 | N/A | 9.3 CRITICAL | ||
The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges. | |||||
CVE-2017-2209 | 1 Santeikohyo | 1 Installer Of Houkokusyo Sakusei Shien Tool | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
Untrusted search path vulnerability in the installer of Houkokusyo Sakusei Shien Tool ver3.0.2 (For the first installation) (The version which was available on the website from 2017 April 4 to 2017 May 18) and ver2.0 and later (For the first installation) (The versions which were available on the website prior to 2017 April 4) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
CVE-2017-2221 | 1 Baidu | 1 Baidu Ime | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
Untrusted search path vulnerability in Installer of Baidu IME Ver3.6.1.6 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
CVE-2017-2108 | 1 Softbank | 1 Primedrive Desktop Application | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
Untrusted search path vulnerability in PrimeDrive Desktop Application 1.4.3 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
CVE-2017-13070 | 1 Qnap | 1 Qsync | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
A DLL Hijacking vulnerability in QNAP Qsync for Windows (exe) version 4.2.2.0724 and earlier could allow remote attackers to execute arbitrary code on Windows machines. | |||||
CVE-2017-2190 | 1 Sharp | 1 Rw-4040 | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
Untrusted search path vulnerability in RW-4040 tool to verify execution environment for Windows 7 version 1.2.0.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
CVE-2017-2252 | 1 Sourcenext | 1 File Compact | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
Untrusted search path vulnerability in self-extracting archive files created by File Compact Ver.5 version 5.10 and earlier, Ver.6 version 6.02 and earlier, Ver.7 version 7.02 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
CVE-2017-2107 | 1 Akky | 1 7-zip32.dll | 2025-04-20 | 6.9 MEDIUM | 7.8 HIGH |
Untrusted search path vulnerability in Self-extracting archive files created by 7-ZIP32.DLL 9.22.00.01 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
CVE-2017-2212 | 1 Gsi | 1 Tky2jgd | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
Untrusted search path vulnerability in TKY2JGD (TKY2JGD1379.EXE) ver. 1.3.79 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
CVE-2017-2207 | 1 Saat | 1 Personal | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
Untrusted search path vulnerability in the installer of SaAT Personal ver.1.0.10.272 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
CVE-2017-6798 | 1 Trendmicro | 1 Endpoint Sensor | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208. | |||||
CVE-2016-1417 | 1 Snort | 1 Snort | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse tcapi.dll that is located in the same folder on a remote file share as a pcap file that is being processed. | |||||
CVE-2017-5235 | 1 Rapid7 | 1 Metasploit | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | |||||
CVE-2017-2265 | 1 Resume-next | 1 Filecapsule Deluxe Portable | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
Untrusted search path vulnerability in FileCapsule Deluxe Portable Ver.1.0.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
CVE-2017-10830 | 1 Ntt | 1 Security Setup Tool | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
Untrusted search path vulnerability in Security Setup Tool all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
CVE-2017-2193 | 1 Tera Term Project | 1 Tera Term | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
Untrusted search path vulnerability in the installer of Tera Term 4.94 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
CVE-2017-10887 | 2 Bookwalker, Microsoft | 2 Book Walker, Windows | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
Untrusted search path vulnerability in BOOK WALKER for Windows Ver.1.2.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
CVE-2017-2156 | 1 Vivaldi | 1 Vivaldi Installer For Windows | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
Untrusted search path vulnerability in Vivaldi installer for Windows prior to version 1.7.735.48 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory. |