Total
498 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-14349 | 2 Opensuse, Postgresql | 2 Leap, Postgresql | 2023-01-23 | 4.6 MEDIUM | 7.1 HIGH |
It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the user used for replication. | |||||
CVE-2023-22947 | 2 Microsoft, Shibboleth | 2 Windows, Service Provider | 2023-01-23 | N/A | 7.3 HIGH |
** DISPUTED ** Insecure folder permissions in the Windows installation path of Shibboleth Service Provider (SP) before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt (rather than C:\Program Files) by default. NOTE: the vendor disputes the significance of this report, stating that "We consider the ACLs a best effort thing" and "it was a documentation mistake." | |||||
CVE-2023-0247 | 1 Bloom Project | 1 Bloom | 2023-01-20 | N/A | 7.8 HIGH |
Uncontrolled Search Path Element in GitHub repository bits-and-blooms/bloom prior to 3.3.1. | |||||
CVE-2022-44939 | 1 Echatserver | 1 Easy Chat Server | 2023-01-12 | N/A | 7.8 HIGH |
Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL. | |||||
CVE-2022-46330 | 1 Squirrel.windows Project | 1 Squirrel.windows | 2023-01-03 | N/A | 7.8 HIGH |
Squirrel.Windows is both a toolset and a library that provides installation and update functionality for Windows desktop applications. Installers generated by Squirrel.Windows 2.0.1 and earlier contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer. | |||||
CVE-2022-36314 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2023-01-03 | N/A | 5.5 MEDIUM |
When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.<br>This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 102.1, Firefox < 103, and Thunderbird < 102.1. | |||||
CVE-2022-42945 | 1 Autodesk | 1 Dwg Trueview | 2022-12-28 | N/A | 7.8 HIGH |
DWG TrueViewTM 2023 version has a DLL Search Order Hijacking vulnerability. Successful exploitation by a malicious attacker could result in remote code execution on the target system. | |||||
CVE-2022-43722 | 1 Siemens | 2 Sicam Pas, Sicam Pqs | 2022-12-15 | N/A | 7.8 HIGH |
A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). Affected software does not properly secure a folder containing library files. This could allow an attacker to place a custom malicious DLL in this folder which is then run with SYSTEM rights when a service is started that requires this DLL. At the time of assigning the CVE, the affected firmware version of the component has already been superseded by succeeding mainline versions. | |||||
CVE-2022-29580 | 1 Google | 1 Google Search | 2022-12-15 | N/A | 7.8 HIGH |
There exists a path traversal vulnerability in the Android Google Search app. This is caused by the incorrect usage of uri.getLastPathSegment. A symbolic encoded string can bypass the path logic to get access to unintended directories. An attacker can manipulate paths that could lead to code execution on the device. We recommend upgrading beyond version 13.41 | |||||
CVE-2022-38395 | 1 Hp | 2 Fusion, Support Assistant | 2022-12-15 | N/A | 7.8 HIGH |
HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. HP Support Assistant uses Fusion to launch HP Performance Tune-up. It is possible for an attacker to exploit the DLL hijacking vulnerability and elevate privileges when Fusion launches the HP Performance Tune-up. | |||||
CVE-2019-4447 | 3 Ibm, Linux, Microsoft | 3 Db2 High Performance Unload Load, Linux Kernel, Windows | 2022-12-02 | 7.2 HIGH | 7.8 HIGH |
IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum_debug is a setuid root binary which trusts the PATH environment variable. A low privileged user can execute arbitrary commands as root by altering the PATH variable to point to a user controlled location. When a crash is induced the trojan gdb command is executed. IBM X-Force ID: 163488. | |||||
CVE-2022-3859 | 1 Trellix | 1 Agent | 2022-12-02 | N/A | 6.7 MEDIUM |
An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL there. | |||||
CVE-2019-6546 | 1 Ge | 1 Ge Communicator | 2022-11-30 | 6.8 MEDIUM | 7.8 HIGH |
GE Communicator, all versions prior to 4.0.517, allows an attacker to place malicious files within the working directory of the program, which may allow an attacker to manipulate widgets and UI elements. | |||||
CVE-2022-3734 | 1 Redis | 1 Redis | 2022-11-29 | N/A | 9.8 CRITICAL |
** DISPUTED ** A vulnerability was found in a port or fork of Redis. It has been declared as critical. This vulnerability affects unknown code in the library C:/Program Files/Redis/dbghelp.dll. The manipulation leads to uncontrolled search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The identifier of this vulnerability is VDB-212416. NOTE: The official Redis release is not affected. This issue might affect an unofficial fork or port on Windows only. | |||||
CVE-2021-43037 | 1 Kaseya | 1 Unitrends Backup | 2022-11-28 | 6.9 MEDIUM | 7.8 HIGH |
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The Unitrends Windows agent was vulnerable to DLL injection and binary planting due to insecure default permissions. This allowed privilege escalation from an unprivileged user to SYSTEM. | |||||
CVE-2022-43751 | 1 Mcafee | 1 Total Protection | 2022-11-28 | N/A | 7.8 HIGH |
McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of a variable pointing to a subdirectory that may be controllable by an unprivileged user. This may have allowed the unprivileged user to execute arbitrary code with system privileges. | |||||
CVE-2022-40746 | 2 Ibm, Microsoft | 2 I Access Client Solutions, Windows | 2022-11-23 | N/A | 6.7 MEDIUM |
IBM i Access Family 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236581. | |||||
CVE-2022-45422 | 1 Lg | 1 Smart Share | 2022-11-23 | N/A | 7.8 HIGH |
When LG SmartShare is installed, local privilege escalation is possible through DLL Hijacking attack. The LG ID is LVE-HOT-220005. | |||||
CVE-2022-31694 | 1 Installbuilder | 1 Installbuilder | 2022-11-22 | N/A | 7.3 HIGH |
InstallBuilder Qt installers built with versions previous to 22.10 try to load DLLs from the installer binary parent directory when displaying popups. This may allow an attacker to plant a malicious DLL in the installer parent directory to allow executing code with the privileges of the installer (when the popup triggers the loading of the library). Exploiting these type of vulnerabilities generally require that an attacker has access to a vulnerable machine to plant the malicious DLL. | |||||
CVE-2022-28766 | 1 Zoom | 2 Meetings, Rooms | 2022-11-22 | N/A | 7.3 HIGH |
Windows 32-bit versions of the Zoom Client for Meetings before 5.12.6 and Zoom Rooms for Conference Room before version 5.12.6 are susceptible to a DLL injection vulnerability. A local low-privileged user could exploit this vulnerability to run arbitrary code in the context of the Zoom client. |