Export limit exceeded: 362454 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362454 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362454 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362454 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362454 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362454 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362454 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (2564 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-13993 1 I-sens 1 Smartlog Diabetes Management Software 2025-04-20 N/A
An Uncontrolled Search Path or Element issue was discovered in i-SENS SmartLog Diabetes Management Software, Version 2.4.0 and prior versions. An uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded prior to the valid DLL, an attacker could execute arbitrary code on the system. This vulnerability does not affect the connected blood glucose monitor and would not impact delivery of therapy to the patient.
CVE-2017-14019 1 Progea 1 Movicon 2025-04-20 N/A
An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate his or her privileges.
CVE-2017-2265 1 Resume-next 1 Filecapsule Deluxe Portable 2025-04-20 N/A
Untrusted search path vulnerability in FileCapsule Deluxe Portable Ver.1.0.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-2230 1 Nilim 1 Road Construction Completion Diagram Check Program 2025-04-20 N/A
Untrusted search path vulnerability in Douro Kouji Kanseizutou Check Program Ver3.1 (cdrw_checker_3.1.0.lzh) and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-10860 1 Daj 1 I-filter Installer 2025-04-20 N/A
Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory.
CVE-2016-8225 1 Lenovo 2 Edge Keyboard Driver, Slim Usb Keyboard Driver 2025-04-20 N/A
Unquoted service path vulnerability in Lenovo Edge and Lenovo Slim USB Keyboard Driver versions earlier than 1.21 allows local users to execute code with elevated privileges.
CVE-2016-7838 1 Winsparkle 1 Winsparkle 2025-04-20 N/A
Untrusted search path vulnerability in WinSparkle versions prior to 0.5.3 allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory.
CVE-2017-2130 1 Securebrain 1 Phishwall Client 2025-04-20 7.8 High
Untrusted search path vulnerability in the installer of PhishWall Client Internet Explorer version Ver. 3.7.13 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-2267 1 Resume-next 1 Filecapsule Deluxe Portable 2025-04-20 N/A
Untrusted search path vulnerability in FileCapsule Deluxe Portable Ver.1.0.5.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-2178 1 Atla 1 Electronic Tendering And Bid Opening System 2025-04-20 N/A
Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-2189 1 Sharp 1 Rw-4040 2025-04-20 N/A
Untrusted search path vulnerability in RW-4040 driver installer for Windows 7 version 2.27 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2016-7804 1 7-zip 1 7-zip 2025-04-20 N/A
Untrusted search path vulnerability in 7 Zip for Windows 16.02 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-16997 2 Gnu, Redhat 5 Glibc, Enterprise Linux, Enterprise Linux Desktop and 2 more 2025-04-20 N/A
elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the "./" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.
CVE-2017-2486 1 Apple 2 Iphone Os, Safari 2025-04-20 N/A
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site.
CVE-2017-11160 1 Synology 1 Assistant 2025-04-20 N/A
Multiple untrusted search path vulnerabilities in installer in Synology Assistant before 6.1-15163 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.
CVE-2017-10812 1 Nttdocomo 1 Photo Collection Pc Software 2025-04-20 N/A
Untrusted search path vulnerability in Photo Collection PC Software Ver.4.0.2 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-5161 1 Sielcosistemi 2 Winlog Lite, Winlog Pro 2025-04-20 N/A
An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the application that utilizes the malicious DLL.
CVE-2014-8393 1 Corel 5 Coreldraw, Coreldraw Photo Paint, Paint Shop Pro and 2 more 2025-04-20 N/A
DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion.
CVE-2017-10848 1 Fujixerox 2 Docuworks, Docuworks Viewer Light 2025-04-20 N/A
Untrusted search path vulnerability in Installers for DocuWorks 8.0.7 and earlier and DocuWorks Viewer Light published in Jul 2017 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-10851 2 Fujixerox, Microsoft 2 Contentsbridge Utility, Windows 2025-04-20 N/A
Untrusted search path vulnerability in Installer for ContentsBridge Utility for Windows 7.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.