Total
498 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-12572 | 2 Londontrustmedia, Microsoft | 2 Private Internet Access, Windows | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client 1.0.2 (build 02363) for Windows could allow an authenticated, local attacker to run arbitrary code with elevated privileges. On startup, the PIA Windows service (pia-service.exe) loads the OpenSSL library from %PROGRAMFILES%\Private Internet Access\libeay32.dll. This library attempts to load the C:\etc\ssl\openssl.cnf configuration file which does not exist. By default on Windows systems, authenticated users can create directories under C:\. A low privileged user can create a C:\etc\ssl\openssl.cnf configuration file to load a malicious OpenSSL engine library resulting in arbitrary code execution as SYSTEM when the service starts. | |||||
| CVE-2019-19954 | 2 Microsoft, Signal | 2 Windows, Signal-desktop | 2020-08-24 | 6.9 MEDIUM | 7.3 HIGH |
| Signal Desktop before 1.29.1 on Windows allows local users to gain privileges by creating a Trojan horse %SYSTEMDRIVE%\node_modules\.bin\wmic.exe file. | |||||
| CVE-2019-12575 | 2 Linux, Londontrustmedia | 2 Linux Kernel, Private Internet Access Vpn Client | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The root_runner.64 binary is setuid root. This binary executes /opt/pia/ruby/64/ruby, which in turn attempts to load several libraries under /tmp/ruby-deploy.old/lib. A local unprivileged user can create a malicious library under this path to execute arbitrary code as the root user. | |||||
| CVE-2019-12758 | 1 Symantec | 1 Endpoint Protection | 2020-08-24 | 7.2 HIGH | 6.7 MEDIUM |
| Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature. | |||||
| CVE-2019-5526 | 1 Vmware | 1 Workstation | 2020-08-24 | 9.3 HIGH | 7.8 HIGH |
| VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a windows host where Workstation is installed. | |||||
| CVE-2020-9767 | 1 Zoom | 1 Sharing Service | 2020-08-21 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability related to Dynamic-link Library (“DLL”) loading in the Zoom Sharing Service would allow an attacker who had local access to a machine on which the service was running with elevated privileges to elevate their system privileges as well through use of a malicious DLL. Zoom addressed this issue, which only applies to Windows users, in the 5.0.4 client release. | |||||
| CVE-2020-7360 | 1 Philips | 1 Smartcontrol | 2020-08-19 | 6.9 MEDIUM | 7.3 HIGH |
| An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. This issue was fixed in version 1.0.7, which was released after April 15, 2020. (Note, the version numbering system changed significantly between version 4.3.15 and version 1.0.7.) | |||||
| CVE-2020-8687 | 1 Intel | 1 Rste Software Raid | 2020-08-19 | 4.6 MEDIUM | 7.8 HIGH |
| Uncontrolled search path in the installer for Intel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB before version 4.7.0.1119 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-15657 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2020-08-14 | 6.9 MEDIUM | 7.8 HIGH |
| Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1. | |||||
| CVE-2020-13177 | 1 Teradici | 2 Graphics Agent, Pcoip Standard Agent | 2020-08-13 | 4.4 MEDIUM | 7.8 HIGH |
| The support bundler in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows versions prior to 20.04.1 and 20.07.0 does not use hard coded paths for certain Windows binaries, which allows an attacker to gain elevated privileges via execution of a malicious binary placed in the system path. | |||||
| CVE-2020-16143 | 1 Seafile | 1 Seafile-client | 2020-08-05 | 4.4 MEDIUM | 7.8 HIGH |
| The seafile-client client 7.0.8 for Seafile is vulnerable to DLL hijacking because it loads exchndl.dll from the current working directory. | |||||
| CVE-2017-1000010 | 1 Audacityteam | 1 Audacity | 2020-08-03 | 6.8 MEDIUM | 7.8 HIGH |
| Audacity 2.1.2 through 2.3.2 is vulnerable to Dll HIjacking in the avformat-55.dll resulting arbitrary code execution. | |||||
| CVE-2020-8469 | 1 Trendmicro | 1 Password Manager | 2020-06-23 | 6.9 MEDIUM | 7.8 HIGH |
| Trend Micro Password Manager for Windows version 5.0 is affected by a DLL hijacking vulnerability would could potentially allow an attacker privleged escalation. | |||||
| CVE-2020-9858 | 1 Apple | 1 Windows Migration Assistant | 2020-06-15 | 4.4 MEDIUM | 7.8 HIGH |
| A dynamic library loading issue was addressed with improved path searching. This issue is fixed in Windows Migration Assistant 2.2.0.0 (v. 1A11). Running the installer in an untrusted directory may result in arbitrary code execution. | |||||
| CVE-2020-5357 | 1 Dell | 8 Dock Wd15, Dock Wd15 Firmware, Dock Wd19 and 5 more | 2020-05-29 | 2.6 LOW | 6.0 MEDIUM |
| Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. The vulnerability is limited to the Dell Dock Firmware Update Utilities during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged malicious user could exploit this vulnerability by tricking an administrator into overwriting arbitrary files via a symlink attack. The vulnerability does not affect the actual binary payload that the update utility delivers. | |||||
| CVE-2020-13110 | 1 Kerberos Project | 1 Kerberos | 2020-05-20 | 6.9 MEDIUM | 7.8 HIGH |
| The kerberos package before 1.0.0 for Node.js allows arbitrary code execution and privilege escalation via injection of malicious DLLs through use of the kerberos_sspi LoadLibrary() method, because of a DLL path search. | |||||
| CVE-2020-6244 | 1 Sap | 1 Business Client | 2020-05-18 | 4.4 MEDIUM | 7.8 HIGH |
| SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack to inject malicious code as a DLL file in untrusted directories that can be executed by the application, due to uncontrolled search path element. An attacker could thereby control the behavior of the application. | |||||
| CVE-2020-10616 | 1 Opto22 | 1 Softpac Project | 2020-05-17 | 6.8 MEDIUM | 8.8 HIGH |
| Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC does not specify the path of multiple imported .dll files. Therefore, an attacker can replace them and execute code whenever the service starts. | |||||
| CVE-2020-10515 | 2 Microsoft, Starface | 2 Windows, Unified Communication \& Collaboration Client | 2020-04-06 | 10.0 HIGH | 9.8 CRITICAL |
| STARFACE UCC Client before 6.7.1.204 on WIndows allows binary planting to execute code with System rights, aka usd-2020-0006. | |||||
| CVE-2020-7474 | 1 Schneider-electric | 1 Pmepxm0100 Prosoft Configurator | 2020-03-25 | 4.4 MEDIUM | 7.8 HIGH |
| A CWE-427: Uncontrolled Search Path Element vulnerability exists in ProSoft Configurator (v1.002 and prior), for the PMEPXM0100 (H) module, which could cause the execution of untrusted code when using double click to open a project file which may trigger execution of a malicious DLL. | |||||