Total
553 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-2249 | 1 Chitora | 1 Lhaz\+ | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Self-extracting archive files created by Lhaz+ version 3.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2266 | 1 Resume-next | 1 Filecapsule Deluxe Portable | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Encrypted files in self-decryption format created by FileCapsule Deluxe Portable Ver.1.0.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-11748 | 1 Softonic | 1 Spider Player | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| VIT Spider Player 2.5.3 has an untrusted search path, allowing DLL hijacking via a Trojan horse dwmapi.dll, olepro32.dll, dsound.dll, or AUDIOSES.dll file. | |||||
| CVE-2017-1144 | 1 Ibm | 2 Integration Bus, Websphere Message Broker | 2025-04-20 | 1.9 LOW | 2.5 LOW |
| IBM WebSphere Message Broker could allow a local user with specialized access to prevent the message broker from starting. IBM X-Force ID: 122033. | |||||
| CVE-2017-17069 | 2 Amazon, Microsoft | 2 Audible, Windows | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| ActiveSetupN.exe in Amazon Audible for Windows before November 2017 allows attackers to execute arbitrary DLL code if ActiveSetupN.exe is launched from a directory where an attacker has already created a Trojan horse dwmapi.dll file. | |||||
| CVE-2017-2176 | 1 Jasdf | 1 Screensavers | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in screensaver installers (jasdf_01.exe, jasdf_02.exe, jasdf_03.exe, jasdf_04.exe, jasdf_05.exe, scramble_setup.exe, clock_01_setup.exe, clock_02_setup.exe) available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2279 | 1 Kiri | 1 Tween | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Tween Ver1.6.6.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-11159 | 2 Microsoft, Synology | 2 Windows, Photo Station Uploader | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Multiple untrusted search path vulnerabilities in installer in Synology Photo Station Uploader before 1.4.2-084 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory. | |||||
| CVE-2017-5236 | 1 Rapid7 | 1 Appspider Pro | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Editions of Rapid7 AppSpider Pro installers prior to version 6.14.060 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | |||||
| CVE-2017-2178 | 1 Atla | 1 Electronic Tendering And Bid Opening System | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2015-0974 | 1 Mobilis | 1 Mobiconnect | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in ZTE Datacard MF19 0V1.0.0B04 allows local users to gain privilege by modifying the 'Ucell Internet' directory to reference a malicious mms_dll_r.dll or mediaplayerdll.dll. | |||||
| CVE-2017-2218 | 2 Apple, Microsoft | 2 Quicktime, Windows | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Installer of QuickTime for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-10851 | 2 Fujixerox, Microsoft | 2 Contentsbridge Utility, Windows | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Installer for ContentsBridge Utility for Windows 7.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2214 | 1 Jiransoft | 2 Appcheck, Appcheck Pro | 2025-04-20 | 9.3 HIGH | 8.4 HIGH |
| Untrusted search path vulnerability in AppCheck and AppCheck Pro prior to version 2.0.1.15 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory. | |||||
| CVE-2017-11158 | 2 Microsoft, Synology | 2 Windows, Cloud Station Drive | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory. | |||||
| CVE-2017-10828 | 1 Ntt | 1 Flets Install Tool | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Flets Install Tool all versions distributed through the website till 2017 August 8 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2188 | 1 Maff | 1 Denshinouhin Check System | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Installer of Denshinouhin Check System (for Ministry of Agriculture, Forestry and Fisheries Nouson Seibi Jigyou) 2014 March Edition (Ver.9.0.001.001) [Updated on 2017 June 9], (Ver.8.0.001.001) [Updated on 2016 May 31] and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-17809 | 1 Goldenfrog | 1 Vyprvpn | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| In Golden Frog VyprVPN before 2.15.0.5828 for macOS, the vyprvpnservice launch daemon has an unprotected XPC service that allows attackers to update the underlying OpenVPN configuration and the arguments passed to the OpenVPN binary when executed. An attacker can abuse this vulnerability by forcing the VyprVPN application to load a malicious dynamic library every time a new connection is made. | |||||
| CVE-2017-10855 | 2 Fujitsu, Microsoft | 4 Fence-explorer, Windows 10, Windows 7 and 1 more | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in FENCE-Explorer for Windows V8.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-10827 | 1 Ntt | 1 Flets Azukuu Pc Automatic Backup Tool | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Flets Azukeru for Windows Auto Backup Tool v1.0.3.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||