Vulnerabilities (CVE)

Filtered by CWE-427
Total 498 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-1536 1 Cisco 5 Webex Meetings Desktop, Webex Meetings Online, Webex Meetings Server and 2 more 2021-06-11 6.9 MEDIUM 7.8 HIGH
A vulnerability in Cisco Webex Meetings Desktop App for Windows, Cisco Webex Meetings Server, Cisco Webex Network Recording Player for Windows, and Cisco Webex Teams for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the Windows system. This vulnerability is due to incorrect handling of directory paths at run time. An attacker could exploit this vulnerability by inserting a configuration file in a specific path in the system, which can cause a malicious DLL file to be loaded when the application starts. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of another user account.
CVE-2020-24485 1 Intel 1 Trace Analyzer And Collector 2021-06-09 4.4 MEDIUM 7.8 HIGH
Improper conditions check in the Intel(R) FPGA OPAE Driver for Linux before kernel version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2021-25694 1 Teradici 1 Pcoip Graphics Agent 2021-05-25 4.4 MEDIUM 7.8 HIGH
Teradici PCoIP Graphics Agent for Windows prior to 21.03 does not validate NVENC.dll. An attacker could replace the .dll and redirect pixels elsewhere.
CVE-2021-3423 1 Bitdefender 1 Gravityzone Business Security 2021-05-25 4.6 MEDIUM 7.8 HIGH
Uncontrolled Search Path Element vulnerability in the openssl component as used in Bitdefender GravityZone Business Security allows an attacker to load a third party DLL to elevate privileges. This issue affects Bitdefender GravityZone Business Security versions prior to 6.6.23.329.
CVE-2020-24755 1 Ui 1 Unifi Video 2021-05-24 6.9 MEDIUM 7.8 HIGH
In Ubiquiti UniFi Video v3.10.13, when the executable starts, its first library validation is in the current directory. This allows the impersonation and modification of the library to execute code on the system. This was tested on Windows 7 x64 and Windows 10 x64.
CVE-2020-0515 1 Intel 1 Graphics Driver 2021-05-19 4.6 MEDIUM 7.8 HIGH
Uncontrolled search path element in the installer for Intel(R) Graphics Drivers before versions 26.20.100.7584, 15.45.30.5103, 15.40.44.5107, 15.36.38.5117, and 15.33.49.5100 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2021-1496 1 Cisco 1 Anyconnect Secure Mobility Client 2021-05-07 7.2 HIGH 7.8 HIGH
Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. A successful exploit could allow the attacker to execute arbitrary code on an affected device with SYSTEM privileges. To exploit these vulnerabilities, the attacker must have valid credentials on the Windows system. For more information about these vulnerabilities, see the Details section of this advisory.
CVE-2021-1430 1 Cisco 1 Anyconnect Secure Mobility Client 2021-05-07 7.2 HIGH 7.8 HIGH
Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. A successful exploit could allow the attacker to execute arbitrary code on an affected device with SYSTEM privileges. To exploit these vulnerabilities, the attacker must have valid credentials on the Windows system. For more information about these vulnerabilities, see the Details section of this advisory.
CVE-2021-1429 1 Cisco 1 Anyconnect Secure Mobility Client 2021-05-07 7.2 HIGH 7.8 HIGH
Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. A successful exploit could allow the attacker to execute arbitrary code on an affected device with SYSTEM privileges. To exploit these vulnerabilities, the attacker must have valid credentials on the Windows system. For more information about these vulnerabilities, see the Details section of this advisory.
CVE-2021-1427 1 Cisco 1 Anyconnect Secure Mobility Client 2021-05-07 7.2 HIGH 7.8 HIGH
Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. A successful exploit could allow the attacker to execute arbitrary code on an affected device with SYSTEM privileges. To exploit these vulnerabilities, the attacker must have valid credentials on the Windows system. For more information about these vulnerabilities, see the Details section of this advisory.
CVE-2021-1428 1 Cisco 1 Anyconnect Secure Mobility Client 2021-05-07 7.2 HIGH 7.8 HIGH
Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. A successful exploit could allow the attacker to execute arbitrary code on an affected device with SYSTEM privileges. To exploit these vulnerabilities, the attacker must have valid credentials on the Windows system. For more information about these vulnerabilities, see the Details section of this advisory.
CVE-2021-1426 1 Cisco 1 Anyconnect Secure Mobility Client 2021-05-07 7.2 HIGH 7.8 HIGH
Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. A successful exploit could allow the attacker to execute arbitrary code on an affected device with SYSTEM privileges. To exploit these vulnerabilities, the attacker must have valid credentials on the Windows system. For more information about these vulnerabilities, see the Details section of this advisory.
CVE-2021-3464 1 Lenovo 1 Pcmanager 2021-05-06 7.2 HIGH 7.8 HIGH
A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.400.3252, that could allow privilege escalation.
CVE-2020-25244 1 Siemens 1 Logo! Soft Comfort 2021-04-30 7.2 HIGH 7.8 HIGH
A vulnerability has been identified in LOGO! Soft Comfort (All versions). The software insecurely loads libraries which makes it vulnerable to DLL hijacking. Successful exploitation by a local attacker could lead to a takeover of the system where the software is installed.
CVE-2021-21545 1 Dell 1 Peripheral Manager 2021-04-26 7.2 HIGH 7.8 HIGH
Dell Peripheral Manager 1.3.1 or greater contains remediation for a local privilege escalation vulnerability that could be potentially exploited to gain arbitrary code execution on the system with privileges of the system user.
CVE-2020-7585 1 Siemens 4 Simatic Pcs 7, Simatic Process Device Manager, Simatic Step 7 and 1 more 2021-04-22 4.6 MEDIUM 7.8 HIGH
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.
CVE-2021-1386 1 Cisco 3 Advanced Malware Protection For Endpoints, Clamav, Immunet 2021-04-19 7.2 HIGH 7.8 HIGH
A vulnerability in the dynamic link library (DLL) loading mechanism in Cisco Advanced Malware Protection (AMP) for Endpoints Windows Connector, ClamAV for Windows, and Immunet could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected Windows system. To exploit this vulnerability, the attacker would need valid credentials on the system. The vulnerability is due to insufficient validation of directory search paths at run time. An attacker could exploit this vulnerability by placing a malicious DLL file on an affected system. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges.
CVE-2021-28647 1 Trendmicro 1 Password Manager 2021-04-14 4.4 MEDIUM 7.8 HIGH
Trend Micro Password Manager version 5 (Consumer) is vulnerable to a DLL Hijacking vulnerability which could allow an attacker to inject a malicious DLL file during the installation progress and could execute a malicious program each time a user installs a program.
CVE-2021-28822 2 Microsoft, Tibco 2 Windows, Enterprise Message Service 2021-03-29 4.6 MEDIUM 7.8 HIGH
The Enterprise Message Service Server (tibemsd), Enterprise Message Service Central Administration (tibemsca), Enterprise Message Service JSON configuration generator (tibemsconf2json), and Enterprise Message Service C API components of TIBCO Software Inc.'s TIBCO Enterprise Message Service, TIBCO Enterprise Message Service - Community Edition, and TIBCO Enterprise Message Service - Developer Edition contain a vulnerability that theoretically allows a low privileged attacker with local access on the Windows operating system to insert malicious software. The affected component can be abused to execute the malicious software inserted by the attacker with the elevated privileges of the component. This vulnerability results from the affected component searching for run-time artifacts outside of the installation hierarchy. Affected releases are TIBCO Software Inc.'s TIBCO Enterprise Message Service: versions 8.5.1 and below, TIBCO Enterprise Message Service - Community Edition: versions 8.5.1 and below, and TIBCO Enterprise Message Service - Developer Edition: versions 8.5.1 and below.
CVE-2021-28820 2 Microsoft, Tibco 2 Windows, Ftl 2021-03-29 4.6 MEDIUM 7.8 HIGH
The FTL Server (tibftlserver), FTL C API, FTL Golang API, FTL Java API, and FTL .Net API components of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contain a vulnerability that theoretically allows a low privileged attacker with local access on the Windows operating system to insert malicious software. The affected component can be abused to execute the malicious software inserted by the attacker with the elevated privileges of the component. This vulnerability results from the affected component searching for run-time artifacts outside of the installation hierarchy. Affected releases are TIBCO Software Inc.'s TIBCO FTL - Community Edition: versions 6.5.0 and below, TIBCO FTL - Developer Edition: versions 6.5.0 and below, and TIBCO FTL - Enterprise Edition: versions 6.5.0 and below.