Total
546 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-2208 | 1 Acquisition Technology And Logistics Agency | 1 Installer Of Electronic Tendering | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Installer of Electronic tendering and bid opening system available prior to June 12, 2017 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory. | |||||
| CVE-2017-11749 | 1 Internet-soft | 1 Ftp Commander | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| InternetSoft FTP Commander 8.02 and prior has an untrusted search path, allowing DLL hijacking via a Trojan horse dwmapi.dll file. | |||||
| CVE-2017-10822 | 1 Enecho.meti | 1 Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30) distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2209 | 1 Santeikohyo | 1 Installer Of Houkokusyo Sakusei Shien Tool | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of Houkokusyo Sakusei Shien Tool ver3.0.2 (For the first installation) (The version which was available on the website from 2017 April 4 to 2017 May 18) and ver2.0 and later (For the first installation) (The versions which were available on the website prior to 2017 April 4) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2014-8358 | 1 Huawei | 6 Ec156, Ec156 Firmware, Ec176 and 3 more | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Huawei EC156, EC176, and EC177 USB Modem products with software before UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) and before V200R003B015D02SP08C1014 (23.015.02.08.1014) use a weak ACL for the "Mobile Partner" directory, which allows remote attackers to gain SYSTEM privileges by compromising a low privilege account and modifying Mobile Partner.exe. | |||||
| CVE-2017-10859 | 1 Daj | 1 I-filter Installer | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2016-1417 | 1 Snort | 1 Snort | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse tcapi.dll that is located in the same folder on a remote file share as a pcap file that is being processed. | |||||
| CVE-2017-2108 | 1 Softbank | 1 Primedrive Desktop Application | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in PrimeDrive Desktop Application 1.4.3 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-10860 | 1 Daj | 1 I-filter Installer | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory. | |||||
| CVE-2017-2167 | 1 Softbank | 1 Primedrive Desktop Application | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Installer for PrimeDrive Desktop Application version 1.4.4 and earlier allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory. | |||||
| CVE-2017-2271 | 1 Hibara | 1 Attachecase | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Self-extracting encrypted files created by AttacheCase ver.2.8.3.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-10829 | 1 Ntt | 1 Enkaku Support Tool | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Remote Support Tool (Enkaku Support Tool) All versions distributed through the website till 2017 August 10 allow an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2178 | 1 Atla | 1 Electronic Tendering And Bid Opening System | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2225 | 1 Mext | 1 Ebidsettingchecker | 2025-04-20 | 6.8 MEDIUM | 9.8 CRITICAL |
| Untrusted search path vulnerability in EbidSettingChecker.exe (version 1.0.0.0) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-15566 | 1 Schedmd | 1 Slurm | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution. | |||||
| CVE-2017-10812 | 1 Nttdocomo | 1 Photo Collection Pc Software | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Photo Collection PC Software Ver.4.0.2 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-5232 | 1 Rapid7 | 1 Nexpose | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| All editions of Rapid7 Nexpose installers prior to version 6.4.24 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | |||||
| CVE-2017-10851 | 2 Fujixerox, Microsoft | 2 Contentsbridge Utility, Windows | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Installer for ContentsBridge Utility for Windows 7.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2193 | 1 Tera Term Project | 1 Tera Term | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of Tera Term 4.94 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2016-4901 | 1 National Tax Agency | 1 E-tax | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in The installer of e-Tax Software all versions allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||