Total
877 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-25174 | 1 Bbraun | 1 Onlinesuite Application Package | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
| A DLL hijacking vulnerability in the B. Braun OnlineSuite Version AP 3.0 and earlier allows local attackers to execute code on the system as a high privileged user. | |||||
| CVE-2020-25045 | 1 Kaspersky | 2 Security Center, Security Center Web Console | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| Installers of Kaspersky Security Center and Kaspersky Security Center Web Console prior to 12 & prior to 12 Patch A were vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges in the system. | |||||
| CVE-2020-24755 | 1 Ui | 1 Unifi Video | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
| In Ubiquiti UniFi Video v3.10.13, when the executable starts, its first library validation is in the current directory. This allows the impersonation and modification of the library to execute code on the system. This was tested in (Windows 7 x64/Windows 10 x64). | |||||
| CVE-2020-24578 | 1 Dlink | 2 Dsl2888a, Dsl2888a Firmware | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. It has a misconfigured FTP service that allows a malicious network user to access system folders and download sensitive files (such as the password hash file). | |||||
| CVE-2020-24485 | 1 Intel | 1 Trace Analyzer And Collector | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| Improper conditions check in the Intel(R) FPGA OPAE Driver for Linux before kernel version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-24451 | 1 Intel | 1 Optane Dc Persistent Memory Module Management | 2024-11-21 | 4.4 MEDIUM | 7.3 HIGH |
| Uncontrolled search path in the Intel(R) Optane(TM) DC Persistent Memory installer for Windows* before version 1.00.00.3506 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-24447 | 2 Adobe, Microsoft | 2 Lightroom, Windows | 2024-11-21 | 3.7 LOW | 7.0 HIGH |
| Adobe Lightroom Classic version 10.0 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-24440 | 2 Adobe, Microsoft | 2 Prelude, Windows | 2024-11-21 | 3.7 LOW | 7.0 HIGH |
| Adobe Prelude version 9.0.1 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-24425 | 3 Adobe, Apple, Microsoft | 3 Dreamweaver, Macos, Windows | 2024-11-21 | 7.2 HIGH | 7.5 HIGH |
| Dreamweaver version 20.2 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. Successful exploitation could result in a local user with permissions to write to the file system running system commands with administrator privileges. | |||||
| CVE-2020-24424 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| Adobe Premiere Pro version 14.4 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-24423 | 2 Adobe, Microsoft | 2 Media Encoder, Windows | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| Adobe Media Encoder version 14.4 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-24422 | 1 Adobe | 1 Creative Cloud | 2024-11-21 | 6.8 MEDIUM | 7.0 HIGH |
| Adobe Creative Cloud Desktop Application version 5.2 (and earlier) and 2.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-24420 | 2 Adobe, Microsoft | 2 Photoshop, Windows | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| Adobe Photoshop for Windows version 21.2.1 (and earlier) is affected by an uncontrolled search path element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-24419 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| Adobe After Effects version 17.1.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-24356 | 1 Cloudflare | 1 Cloudflared | 2024-11-21 | 4.6 MEDIUM | 6.4 MEDIUM |
| `cloudflared` versions prior to 2020.8.1 contain a local privilege escalation vulnerability on Windows systems. When run on a Windows system, `cloudflared` searches for configuration files which could be abused by a malicious entity to execute commands as a privileged user. Version 2020.8.1 fixes this issue. | |||||
| CVE-2020-24162 | 1 Tencent | 1 Tencent | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| The Shenzhen Tencent app 5.8.2.5300 for PC platforms (from Tencent App Center) has a DLL hijacking vulnerability. Attackers can use this vulnerability to execute malicious code. | |||||
| CVE-2020-24161 | 1 163 | 1 Netease Mail Master | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| Guangzhou NetEase Mail Master 4.14.1.1004 on Windows has a DLL hijacking vulnerability. Attackers can use this vulnerability to execute malicious code. | |||||
| CVE-2020-24160 | 1 Tencent | 1 Tim | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| Shenzhen Tencent TIM Windows client 3.0.0.21315 has a DLL hijacking vulnerability, which can be exploited by attackers to execute malicious code. | |||||
| CVE-2020-24159 | 1 163 | 1 Netease Youdao Dictionary | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| NetEase Youdao Dictionary has a DLL hijacking vulnerability, which can be exploited by attackers to gain server permissions. This affects Guangzhou NetEase Youdao Dictionary 8.9.2.0. | |||||
| CVE-2020-24158 | 1 360 | 1 Speed Browser | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| 360 Speed Browser 12.0.1247.0 has a DLL hijacking vulnerability, which can be exploited by attackers to execute malicious code. It is a dual-core browser owned by Beijing Qihoo Technology. | |||||