Total
893 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-28688 | 1 Aveva | 1 Aveva Edge | 2025-02-18 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of APP files. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17201. | |||||
| CVE-2022-28687 | 1 Aveva | 1 Aveva Edge | 2025-02-18 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of APP files. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16257. | |||||
| CVE-2022-28686 | 1 Aveva | 1 Aveva Edge | 2025-02-18 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of APP files. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17114. | |||||
| CVE-2024-57964 | 2025-02-18 | N/A | 7.3 HIGH | ||
| Insecure Loading of Dynamic Link Libraries have been discovered in HVAC Energy Saving Program, which could allow local attackers to potentially disclose information or execute arbitray code on affected systems. This issue affects HVAC Energy Saving Program:. | |||||
| CVE-2024-57963 | 2025-02-18 | N/A | 7.3 HIGH | ||
| Insecure Loading of Dynamic Link Libraries have been discovered in USB-CONVERTERCABLE DRIVER, which could allow local attackers to potentially disclose information or execute arbitray code on affected systems. This issue affects USB-CONVERTERCABLE DRIVER:. | |||||
| CVE-2022-43703 | 1 Arm | 2 Arm Development Studio, Ds Development Studio | 2025-02-13 | N/A | 7.8 HIGH |
| An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files. | |||||
| CVE-2022-38745 | 1 Apache | 1 Openoffice | 2025-02-13 | N/A | 7.8 HIGH |
| Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory. | |||||
| CVE-2024-47006 | 2025-02-12 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path for the Intel(R) RealSense D400 Series Universal Windows Platform (UWP) Driver for Windows(R) 10 all versions may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-42492 | 2025-02-12 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path element in some BIOS and System Firmware Update Package for Intel(R) Server M50FCP family before version R01.02.0002 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-39372 | 2025-02-12 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path for the Intel(R) XTU software for Windows before version 7.14.2.14 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-39284 | 2025-02-12 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path for some Intel(R) Advisor software before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-36291 | 2025-02-12 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path for some Intel(R) Chipset Software Installation Utility before version 10.1.19867.8574 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-36283 | 2025-02-12 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path for the Intel(R) Thread Director Visualizer software before version 1.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-36280 | 2025-02-12 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path for some Intel(R) High Level Synthesis Compiler software before version 24.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-32938 | 2025-02-12 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path for some Intel(R) MPI Library for Windows software before version 2021.13 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-29223 | 2025-02-12 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-24852 | 2025-02-12 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in some Intel(R) Ethernet Adapter Complete Driver Pack install before versions 29.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-21830 | 2025-02-12 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in some Intel(R) VPL software before version 2023.4.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-57426 | 2025-02-11 | N/A | 7.3 HIGH | ||
| NetMod VPN Client 5.3.1 is vulnerable to DLL injection, allowing an attacker to execute arbitrary code by placing a malicious DLL in a directory where the application loads dependencies. This vulnerability arises due to the improper validation of dynamically loaded libraries. | |||||
| CVE-2023-31361 | 2025-02-11 | N/A | 7.3 HIGH | ||
| A DLL hijacking vulnerability in AMD Integrated Management Technology (AIM-T) Manageability Service could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. | |||||