Total
600 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-15566 | 1 Schedmd | 1 Slurm | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
|
Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution.
|
|||||
| CVE-2017-12312 | 1 Cisco | 1 Advanced Malware Protection For Endpoints | 2025-04-20 | 7.2 HIGH | 6.7 MEDIUM |
|
An untrusted search path (aka DLL Preloading) vulnerability in the Cisco Immunet antimalware installer could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes the installer in the current working directory where a crafted DLL has been placed by an attacker. The vulnerability is due to incomplete input validation of path and file names of a DLL file before it is loaded. An attacker could exploit this vulnerab ...
Show More |
|||||
| CVE-2017-10851 | 2 Fujixerox, Microsoft | 2 Contentsbridge Utility, Windows | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in Installer for ContentsBridge Utility for Windows 7.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-11742 | 2 Libexpat Project, Microsoft | 2 Libexpat, Windows | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
|
The writeRandomBytes_RtlGenRandom function in xmlparse.c in libexpat in Expat 2.2.1 and 2.2.2 on Windows allows local users to gain privileges via a Trojan horse ADVAPI32.DLL in the current working directory because of an untrusted search path, aka DLL hijacking.
|
|||||
| CVE-2017-2214 | 1 Jiransoft | 2 Appcheck, Appcheck Pro | 2025-04-20 | 9.3 HIGH | 8.4 HIGH |
|
Untrusted search path vulnerability in AppCheck and AppCheck Pro prior to version 2.0.1.15 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory.
|
|||||
| CVE-2017-10830 | 1 Ntt | 1 Security Setup Tool | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in Security Setup Tool all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-10859 | 1 Daj | 1 I-filter Installer | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2016-7838 | 1 Winsparkle | 1 Winsparkle | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Untrusted search path vulnerability in WinSparkle versions prior to 0.5.3 allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory.
|
|||||
| CVE-2017-11157 | 2 Microsoft, Synology | 2 Windows, Cloud Station Backup | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
|
Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Backup before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.
|
|||||
| CVE-2017-2211 | 1 Gsi | 1 Patchjgd | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in PatchJGD (Hyoko) (PatchJGDh101.EXE) ver. 1.0.1 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-10865 | 1 Hitachi-solutions | 1 Confidential File Decryption | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10863.
|
|||||
| CVE-2016-1417 | 1 Snort | 1 Snort | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
|
Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse tcapi.dll that is located in the same folder on a remote file share as a pcap file that is being processed.
|
|||||
| CVE-2017-2271 | 1 Hibara | 1 Attachecase | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in Self-extracting encrypted files created by AttacheCase ver.2.8.3.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-11159 | 2 Microsoft, Synology | 2 Windows, Photo Station Uploader | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
|
Multiple untrusted search path vulnerabilities in installer in Synology Photo Station Uploader before 1.4.2-084 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.
|
|||||
| CVE-2017-10836 | 1 Optim | 1 Optimal Guard | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in Optimal Guard 1.1.21 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-2167 | 1 Softbank | 1 Primedrive Desktop Application | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Untrusted search path vulnerability in Installer for PrimeDrive Desktop Application version 1.4.4 and earlier allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory.
|
|||||
| CVE-2016-4846 | 1 Securebrain | 1 Phishwall Client | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in the installer of PhishWall Client Internet Explorer before 3.7.8.2.
|
|||||
| CVE-2017-10848 | 1 Fujixerox | 2 Docuworks, Docuworks Viewer Light | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in Installers for DocuWorks 8.0.7 and earlier and DocuWorks Viewer Light published in Jul 2017 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-2268 | 1 Resume-next | 1 Filecapsule Deluxe Portable | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in Encrypted files in self-decryption format created by FileCapsule Deluxe Portable Ver.1.0.5.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-2191 | 1 Sharp | 2 Rw-5100 Driver Installer For Windows 7, Rw-5100 Driver Installer For Windows 8.1 | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in RW-5100 driver installer for Windows 7 version 1.0.0.9 and RW-5100 driver installer for Windows 8.1 version 1.0.1.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-10825 | 1 Flets-w | 1 Flets Easy Setup Tool | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Untrusted search path vulnerability in Installer of Flets Easy Setup Tool Ver1.2.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-12480 | 1 Sandboxie | 1 Sandboxie Installer | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Sandboxie installer 5071703 has a DLL Hijacking or Unsafe DLL Loading Vulnerability via a Trojan horse dwmapi.dll or profapi.dll file in an AppData\Local\Temp directory.
|
|||||
| CVE-2017-2189 | 1 Sharp | 1 Rw-4040 | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in RW-4040 driver installer for Windows 7 version 2.27 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-2983 | 1 Adobe | 1 Shockwave Player | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Adobe Shockwave versions 12.2.7.197 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to escalation of privilege.
|
|||||
| CVE-2017-2220 | 1 Ipa | 1 Casl Ii Simulator | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Untrusted search path vulnerability in Installer of CASL II simulator (self-extract format) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-10858 | 1 Daj | 1 I-filter Installer | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in "i-filter 6.0 install program" file version 1.0.8.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2016-4902 | 1 Jpki | 3 The Public Certification Service For Individuals, The Public Certification Service For Individuals For Windows 7, The Public Certification Service For Individuals For Windows Vista | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in The Public Certification Service for Individuals "The JPKI user's software (for Windows 7 and later)" Ver3.0.1 and earlier, The Public Certification Service for Individuals "The JPKI user's software (for Windows Vista)" Ver3.0.1 and earlier and The Public Certification Service for Individuals "The JPKI user's software" Ver2.6 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-2249 | 1 Chitora | 1 Lhaz\+ | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in Self-extracting archive files created by Lhaz+ version 3.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-2177 | 1 Shogyo | 1 Touki Denshi | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
|
Untrusted search path vulnerability in Installer of Shogyo Touki Denshi Ninsho Software Ver 1.7 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2016-4900 | 1 Evernote | 1 Evernote | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Untrusted search path vulnerability in Evernote for Windows versions prior to 6.3 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-10863 | 1 Hitachi-solutions | 1 Confidential File Decryption | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10865.
|
|||||
| CVE-2017-10820 | 1 Ipa | 1 Ip Messenger | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in Installer of IP Messenger for Win 4.60 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-2253 | 1 Yahoo | 1 Toolbar | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in Installer of Yahoo! Toolbar (for Internet explorer) v8.0.0.6 and earlier, with its timestamp prior to June 13, 2017, 18:18:55 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-2229 | 1 Douroshisetu | 1 Kihon Data Sakusei System | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Untrusted search path vulnerability in Douroshisetu Kihon Data Sakusei System Ver1.0.2 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-2247 | 1 Chitora | 1 Lhaz | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in Self-extracting archive files created by Lhaz version 2.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-5235 | 1 Rapid7 | 1 Metasploit | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer.
|
|||||
| CVE-2017-17010 | 1 Sony | 1 Content Manager Assistant | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Untrusted search path vulnerability in Content Manager Assistant for PlayStation version 3.55.7671.0901 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-2227 | 1 Charamin | 1 Omp | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Untrusted search path vulnerability in The installer of Charamin OMP Version 1.1.7.4 and earlier, Version 1.2.0.0 Beta and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-2228 | 1 Enecho.meti | 1 Teikihoukokusho Sakuseishien Tool | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
Untrusted search path vulnerability in Teikihoukokusho Sakuseishien Tool v4.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
|||||
| CVE-2017-11748 | 1 Softonic | 1 Spider Player | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
VIT Spider Player 2.5.3 has an untrusted search path, allowing DLL hijacking via a Trojan horse dwmapi.dll, olepro32.dll, dsound.dll, or AUDIOSES.dll file.
|
|||||