Total
498 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-32592 | 1 Fortinet | 2 Forticlient, Forticlient Enterprise Management Server | 2021-12-02 | 6.9 MEDIUM | 7.8 HIGH |
| An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x and FortiClientEMS 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x may allow an attacker to perform a DLL Hijack attack on affected devices via a malicious OpenSSL engine library in the search path. | |||||
| CVE-2021-44199 | 2 Acronis, Microsoft | 4 Agent, Cyber Protect, Cyber Protect Home Office and 1 more | 2021-11-30 | 1.9 LOW | 5.5 MEDIUM |
| DLL hijacking could lead to denial of service. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27305, Acronis Cyber Protect Home Office (Windows) before build 39612 | |||||
| CVE-2021-44198 | 2 Acronis, Microsoft | 2 Cyber Protect, Windows | 2021-11-30 | 4.4 MEDIUM | 7.8 HIGH |
| DLL hijacking could lead to local privilege escalation. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035 | |||||
| CVE-2021-0082 | 1 Intel | 30 7265, 7265 Firmware, Ac1550 and 27 more | 2021-11-23 | 4.4 MEDIUM | 7.8 HIGH |
| Uncontrolled search path in software installer for Intel(R) PROSet/Wireless WiFi in Windows 10 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-15167 | 1 Johnkerl | 1 Miller | 2021-11-18 | 4.4 MEDIUM | 8.6 HIGH |
| In Miller (command line utility) using the configuration file support introduced in version 5.9.0, it is possible for an attacker to cause Miller to run arbitrary code by placing a malicious `.mlrrc` file in the working directory. See linked GitHub Security Advisory for complete details. A fix is ready and will be released as Miller 5.9.1. | |||||
| CVE-2021-3840 | 1 Lenovo | 1 Antilles | 2021-11-17 | 6.8 MEDIUM | 8.8 HIGH |
| A dependency confusion vulnerability was reported in the Antilles open-source software prior to version 1.0.1 that could allow for remote code execution during installation due to a package listed in requirements.txt not existing in the public package index (PyPi). MITRE classifies this weakness as an Uncontrolled Search Path Element (CWE-427) in which a private package dependency may be replaced by an unauthorized package of the same name published to a well-known public repository such as PyPi. The configuration has been updated to only install components built by Antilles, removing all other public package indexes. Additionally, the antilles-tools dependency has been published to PyPi. | |||||
| CVE-2021-31853 | 1 Mcafee | 1 Drive Encryption | 2021-11-12 | 4.6 MEDIUM | 7.8 HIGH |
| DLL Search Order Hijacking Vulnerability in McAfee Drive Encryption (MDE) prior to 7.3.0 HF2 (7.3.0.183) allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder. | |||||
| CVE-2021-38416 | 1 Deltaww | 1 Dialink | 2021-11-05 | 4.4 MEDIUM | 7.8 HIGH |
| Delta Electronics DIALink versions 1.2.4.0 and prior insecurely loads libraries, which may allow an attacker to use DLL hijacking and takeover the system where the software is installed. | |||||
| CVE-2020-6021 | 1 Checkpoint | 1 Endpoint Security | 2021-11-05 | 4.4 MEDIUM | 7.8 HIGH |
| Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted DLL in the repair folder which will run with the Endpoint client’s privileges. | |||||
| CVE-2021-22037 | 1 Vmware | 1 Installbuilder | 2021-11-03 | 4.4 MEDIUM | 7.8 HIGH |
| Under certain circumstances, when manipulating the Windows registry, InstallBuilder uses the reg.exe system command. The full path to the command is not enforced, which results in a search in the search path until a binary can be identified. This makes the installer/uninstaller vulnerable to Path Interception by Search Order Hijacking, potentially allowing an attacker to plant a malicious reg.exe command so it takes precedence over the system command. The vulnerability only affects Windows installers. | |||||
| CVE-2019-5443 | 4 Haxx, Microsoft, Netapp and 1 more | 10 Curl, Windows, Oncommand Insight and 7 more | 2021-11-03 | 4.4 MEDIUM | 7.8 HIGH |
| A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. If that curl is invoked by a privileged user it can do anything it wants. | |||||
| CVE-2021-38469 | 1 Auvesy | 1 Versiondog | 2021-10-28 | 4.3 MEDIUM | 7.1 HIGH |
| Many of the services used by the affected product do not specify full paths for the DLLs they are loading. An attacker can exploit the uncontrolled search path by implanting their own DLL near the affected product’s binaries, thus hijacking the loaded DLL. | |||||
| CVE-2019-11773 | 1 Eclipse | 1 Omr | 2021-10-28 | 4.4 MEDIUM | 7.8 HIGH |
| Prior to 0.1, AIX builds of Eclipse OMR contain unused RPATHs which may facilitate code injection and privilege elevation by local users. | |||||
| CVE-2021-30359 | 2 Checkpoint, Microsoft | 3 Harmony Browse, Sandblast Agent For Browsers, Windows | 2021-10-27 | 7.2 HIGH | 7.8 HIGH |
| The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. Because the MS Installer allows regular users to repair their installation, an attacker running an installer before 90.08.7405 can start the installation repair and place a specially crafted binary in the repair folder, which runs with the admin privileges. | |||||
| CVE-2021-42103 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2021-10-27 | 4.6 MEDIUM | 7.8 HIGH |
| An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar but not identical to CVE-2021-42101. | |||||
| CVE-2021-42102 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2021-10-27 | 4.6 MEDIUM | 7.8 HIGH |
| An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service agents could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2021-42101 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2021-10-27 | 4.6 MEDIUM | 7.8 HIGH |
| An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar but not identical to CVE-2021-42103. | |||||
| CVE-2018-16177 | 2 Microsoft, Ntt-west | 2 Windows 10, Fall Creators Update | 2021-10-18 | 4.4 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in The installer of Windows 10 Fall Creators Update Modify module for Security Measures tool allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2021-28130 | 2 Drweb, Microsoft | 2 Security Space, Windows | 2021-10-06 | 4.4 MEDIUM | 7.8 HIGH |
| Dr.Web Firewall 12.5.2.4160 on Windows incorrectly restricts applications signed by Dr.Web. A DLL for a custom payload within a legitimate binary (e.g., frwl_svc.exe) bypasses firewall filters. | |||||
| CVE-2021-32466 | 2 Microsoft, Trendmicro | 2 Windows, Housecall For Home Networks | 2021-10-02 | 6.9 MEDIUM | 7.0 HIGH |
| An uncontrolled search path element privilege escalation vulnerability in Trend Micro HouseCall for Home Networks version 5.3.1225 and below could allow an attacker to escalate privileges by placing a custom crafted file in a specific directory to load a malicious library. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability. | |||||