Total
403 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-2207 | 1 Saat | 1 Personal | 2017-06-20 | 6.8 MEDIUM | 8.8 HIGH |
| Untrusted search path vulnerability in the installer of SaAT Personal ver.1.0.10.272 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2206 | 1 Saat | 1 Netizen | 2017-06-20 | 6.8 MEDIUM | 8.8 HIGH |
| Untrusted search path vulnerability in the installer of SaAT Netizen ver.1.2.10.510 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2016-7838 | 1 Winsparkle | 1 Winsparkle | 2017-06-20 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in WinSparkle versions prior to 0.5.3 allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory. | |||||
| CVE-2016-8746 | 1 Apache | 1 Ranger | 2017-06-19 | 4.3 MEDIUM | 5.9 MEDIUM |
| Apache Ranger before 0.6.3 policy engine incorrectly matches paths in certain conditions when policy does not contain wildcards and has recursion flag set to true. | |||||
| CVE-2016-4900 | 1 Evernote | 1 Evernote | 2017-06-01 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Evernote for Windows versions prior to 6.3 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2016-7804 | 1 7-zip | 1 7-zip | 2017-06-01 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in 7 Zip for Windows 16.02 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2016-4901 | 1 National Tax Agency | 1 E-tax | 2017-05-31 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in The installer of e-Tax Software all versions allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2175 | 1 Ipa | 1 Empirical Project Monitor - Extended | 2017-05-31 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Empirical Project Monitor - eXtended all versions allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2157 | 1 Jpki | 1 The Public Certification Service For Individuals | 2017-05-26 | 4.4 MEDIUM | 7.3 HIGH |
| Untrusted search path vulnerability in installers for The Public Certification Service for Individuals "The JPKI user's software (for Windows 7 and later)" Ver3.1 and earlier, The Public Certification Service for Individuals "The JPKI user's software (for Windows Vista)", The Public Certification Service for Individuals "The JPKI user's software" Ver2.6 and earlier that were available until April 27, 2017 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2167 | 1 Softbank | 1 Primedrive Desktop Application | 2017-05-20 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Installer for PrimeDrive Desktop Application version 1.4.4 and earlier allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory. | |||||
| CVE-2017-5236 | 1 Rapid7 | 1 Appspider Pro | 2017-05-15 | 6.8 MEDIUM | 7.8 HIGH |
| Editions of Rapid7 AppSpider Pro installers prior to version 6.14.060 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | |||||
| CVE-2017-2156 | 1 Vivaldi | 1 Vivaldi Installer For Windows | 2017-05-11 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Vivaldi installer for Windows prior to version 1.7.735.48 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory. | |||||
| CVE-2017-2107 | 1 Akky | 1 7-zip32.dll | 2017-05-10 | 6.9 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Self-extracting archive files created by 7-ZIP32.DLL 9.22.00.01 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2108 | 1 Softbank | 1 Primedrive Desktop Application | 2017-05-10 | 7.2 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in PrimeDrive Desktop Application 1.4.3 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2016-4846 | 1 Securebrain | 1 Phishwall Client | 2017-04-26 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of PhishWall Client Internet Explorer before 3.7.8.2. | |||||
| CVE-2017-3007 | 2 Adobe, Microsoft | 2 Creative Cloud, Windows | 2017-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Adobe Thor versions 3.9.5.353 and earlier have a vulnerability in the directory search path used to find resources, related to Creative Cloud desktop applications. | |||||
| CVE-2017-6189 | 1 Amazon | 1 Kindle For Pc | 2017-03-24 | 4.4 MEDIUM | 7.3 HIGH |
| Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer. | |||||
| CVE-2017-5232 | 1 Rapid7 | 1 Nexpose | 2017-03-20 | 6.8 MEDIUM | 7.8 HIGH |
| All editions of Rapid7 Nexpose installers prior to version 6.4.24 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | |||||
| CVE-2017-5235 | 1 Rapid7 | 1 Metasploit | 2017-03-07 | 6.8 MEDIUM | 7.8 HIGH |
| Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | |||||
| CVE-2017-5234 | 1 Rapid7 | 1 Insight Collector | 2017-03-07 | 6.8 MEDIUM | 7.8 HIGH |
| Rapid7 Insight Collector installers prior to version 1.0.16 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | |||||