Export limit exceeded: 361510 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (2560 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-3494 | 1 Umplayer Project | 1 Umplayer | 2024-11-21 | 7.8 High |
| A Code Execution Vulnerability exists in UMPlayer 0.98 in wintab32.dll due to insufficient path restrictions when loading external libraries. which could let a malicious user execute arbitrary code. | ||||
| CVE-2013-2773 | 1 Gonitro | 1 Nitropdf | 2024-11-21 | 7.8 High |
| Nitro PDF 8.5.0.26: A specially crafted DLL file can facilitate Arbitrary Code Execution | ||||
| CVE-2013-0725 | 1 Hexagongeospatial | 1 Erdas Er Viewer | 2024-11-21 | 7.8 High |
| ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities | ||||
| CVE-2012-0945 | 1 Whoopsie-daisy Project | 1 Whoopsie-daisy | 2024-11-21 | 4.9 Medium |
| whoopsie-daisy before 0.1.26: Root user can remove arbitrary files | ||||
| CVE-2011-4125 | 1 Calibre-ebook | 1 Calibre | 2024-11-21 | 9.8 Critical |
| A untrusted search path issue was found in Calibre at devices/linux_mount_helper.c leading to the ability of unprivileged users to execute any program as root. | ||||
| CVE-2024-36507 | 1 Fortinet | 2 Forticlient, Forticlientwindows | 2024-11-14 | 6.7 Medium |
| A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0 allows an attacker to run arbitrary code via DLL hijacking and social engineering. | ||||
| CVE-2024-47942 | 1 Siemens | 1 Solid Edge Se2024 | 2024-11-13 | 7.3 High |
| A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications suffer from a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system. | ||||
| CVE-2024-9325 | 1 Intelbras | 2 Incontrol, Incontrol Web | 2024-11-04 | 7.8 High |
| A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This affects an unknown part of the file C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. Upgrading to version 2.21.58 is able to address this issue. It is recommended to upgrade the affected component. The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20. | ||||
| CVE-2024-10093 | 2 Vso, Vso-software | 2 Convertxtodvd, Convertxtodvd | 2024-11-01 | 7.8 High |
| A vulnerability, which was classified as critical, was found in VSO ConvertXtoDvd 7.0.0.83. Affected is an unknown function in the library avcodec.dll of the file ConvertXtoDvd.exe. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-48605 | 1 Helakuru | 1 Helakuru | 2024-10-30 | 7.8 High |
| An issue in Helakuru Desktop Application v1.1 allows a local attacker to execute arbitrary code via the lack of proper validation of the wow64log.dll file. | ||||
| CVE-2024-49390 | 1 Acronis | 1 Cyber Files | 2024-10-18 | 7.3 High |
| Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | ||||
| CVE-2024-49391 | 1 Acronis | 1 Cyber Files | 2024-10-18 | 7.3 High |
| Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | ||||
| CVE-2024-47422 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2024-10-18 | 7.8 High |
| Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious path into the search directories, which the application could unknowingly execute. This could allow the attacker to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction. | ||||
| CVE-2024-30117 | 1 Hcltech | 1 Bigfix Platform | 2024-10-17 | 2.5 Low |
| A dynamic search for a prerequisite library could allow the possibility for an attacker to replace the correct file under some circumstances. | ||||
| CVE-2024-4089 | 1 Lenovo | 1 Superfile | 2024-10-17 | 7.8 High |
| A DLL hijack vulnerability was reported in Lenovo Super File that could allow a local attacker to execute code with elevated privileges. | ||||
| CVE-2024-4130 | 1 Lenovo | 1 App Store | 2024-10-17 | 7.8 High |
| A DLL hijack vulnerability was reported in Lenovo App Store that could allow a local attacker to execute code with elevated privileges. | ||||
| CVE-2024-4131 | 1 Lenovo | 1 Emulator | 2024-10-17 | 7.8 High |
| A DLL hijack vulnerability was reported in Lenovo Emulator that could allow a local attacker to execute code with elevated privileges. | ||||
| CVE-2024-4132 | 1 Lenovo | 1 Lock Screen | 2024-10-17 | 7.8 High |
| A DLL hijack vulnerability was reported in Lenovo Lock Screen that could allow a local attacker to execute code with elevated privileges. | ||||
| CVE-2024-9046 | 1 Lenovo | 1 Starstudio | 2024-10-17 | 7.8 High |
| A DLL hijack vulnerability was reported in Lenovo stARstudio that could allow a local attacker to execute code with elevated privileges. | ||||
| CVE-2024-47194 | 1 Siemens | 2 Modelsim, Questa | 2024-10-16 | 6.7 Medium |
| A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). vish2.exe in affected applications allows a specific DLL file to be loaded from the current working directory. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch vish2.exe from a user-writable directory. | ||||