Total
403 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-10887 | 2 Bookwalker, Microsoft | 2 Book Walker, Windows | 2017-12-04 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in BOOK WALKER for Windows Ver.1.2.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-4939 | 1 Vmware | 1 Workstation | 2017-12-03 | 6.8 MEDIUM | 7.8 HIGH |
| VMware Workstation (12.x before 12.5.8) installer contains a DLL hijacking issue that exists due to some DLL files loaded by the application improperly. This issue may allow an attacker to load a DLL file of the attacker's choosing that could execute arbitrary code. | |||||
| CVE-2016-6803 | 2 Apache, Microsoft | 2 Openoffice, Windows | 2017-11-29 | 9.3 HIGH | 7.8 HIGH |
| An installer defect known as an "unquoted Windows search path vulnerability" affected the Apache OpenOffice before 4.1.3 installers for Windows. The PC must have previously been infected by a Trojan Horse application (or user) running with administrative privilege. Any installer with the unquoted search path vulnerability becomes a delayed trigger for the exploit. | |||||
| CVE-2017-10885 | 1 Sbisec | 1 Hyper Sbi | 2017-11-29 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in HYPER SBI Ver. 2.2 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-10825 | 1 Flets-w | 1 Flets Easy Setup Tool | 2017-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Installer of Flets Easy Setup Tool Ver1.2.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-10863 | 1 Hitachi-solutions | 1 Confidential File Decryption | 2017-10-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10865. | |||||
| CVE-2017-10864 | 1 Hitachi-solutions | 1 Confidential File Viewer | 2017-10-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Installer of HIBUN Confidential File Viewer prior to 11.20.0001 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-10865 | 1 Hitachi-solutions | 1 Confidential File Decryption | 2017-10-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10863. | |||||
| CVE-2015-3887 | 1 Proxychains-ng Project | 1 Proxychains-ng | 2017-10-03 | 7.2 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in ProxyChains-NG before 4.9 allows local users to gain privileges via a Trojan horse libproxychains4.so library in the current working directory, which is referenced in the LD_PRELOAD path. | |||||
| CVE-2017-10860 | 1 Daj | 1 I-filter Installer | 2017-09-21 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory. | |||||
| CVE-2017-10858 | 1 Daj | 1 I-filter Installer | 2017-09-21 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in "i-filter 6.0 install program" file version 1.0.8.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-10859 | 1 Daj | 1 I-filter Installer | 2017-09-21 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-10855 | 2 Fujitsu, Microsoft | 4 Fence-explorer, Windows 10, Windows 7 and 1 more | 2017-09-21 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in FENCE-Explorer for Windows V8.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2015-0974 | 1 Mobilis | 1 Mobiconnect | 2017-09-12 | 7.2 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in ZTE Datacard MF19 0V1.0.0B04 allows local users to gain privilege by modifying the 'Ucell Internet' directory to reference a malicious mms_dll_r.dll or mediaplayerdll.dll. | |||||
| CVE-2017-10851 | 2 Fujixerox, Microsoft | 2 Contentsbridge Utility, Windows | 2017-09-06 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Installer for ContentsBridge Utility for Windows 7.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-10848 | 1 Fujixerox | 2 Docuworks, Docuworks Viewer Light | 2017-09-06 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Installers for DocuWorks 8.0.7 and earlier and DocuWorks Viewer Light published in Jul 2017 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-10829 | 1 Ntt | 1 Enkaku Support Tool | 2017-09-05 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Remote Support Tool (Enkaku Support Tool) All versions distributed through the website till 2017 August 10 allow an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-10849 | 1 Fujixerox | 1 Docuworks | 2017-09-05 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Self-extracting document generated by DocuWorks 8.0.7 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-11157 | 2 Microsoft, Synology | 2 Windows, Cloud Station Backup | 2017-09-05 | 4.6 MEDIUM | 7.8 HIGH |
| Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Backup before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory. | |||||
| CVE-2017-10836 | 1 Optim | 1 Optimal Guard | 2017-09-01 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Optimal Guard 1.1.21 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||