Total
1123 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-64995 | 1 Teamviewer | 1 Digital Employee Experience | 2026-01-09 | N/A | 6.5 MEDIUM |
| A privilege escalation vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction prior V3.4. Improper protection of the execution path on the local device allows attackers, with local access to the device during execution, to hijack the process and execute arbitrary code with SYSTEM privileges. | |||||
| CVE-2025-65741 | 1 Sublimetext | 1 Sublime Text 3 | 2026-01-02 | N/A | 9.8 CRITICAL |
| Sublime Text 3 Build 3208 or prior for MacOS is vulnerable to Dylib Injection. An attacker could compile a .dylib file and force the execution of this library in the context of the Sublime Text application. | |||||
| CVE-2025-34423 | 1 Mailenable | 1 Mailenable | 2025-12-23 | N/A | 7.8 HIGH |
| MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIAU.DLL from its installation directory without sufficient integrity validation or a secure search order. A local attacker with write access to that directory can plant a malicious MEAIAU.DLL, which is then loaded on execution, resulting in attacker-controlled code running with the privileges of the process. | |||||
| CVE-2025-34422 | 1 Mailenable | 1 Mailenable | 2025-12-23 | N/A | 7.8 HIGH |
| MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIPC.DLL from its installation directory without sufficient integrity validation or a secure search order. A local attacker with write access to that directory can plant a malicious MEAIPC.DLL, which is then loaded on execution, resulting in attacker-controlled code running with the privileges of the process. | |||||
| CVE-2025-34416 | 1 Mailenable | 1 Mailenable | 2025-12-23 | N/A | 7.8 HIGH |
| MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIPO.DLL from its installation directory without sufficient integrity validation or a secure search order. A local attacker with write access to that directory can plant a malicious MEAIPO.DLL, which is then loaded when the executable starts, resulting in execution of attacker-controlled code with the privileges of the process. | |||||
| CVE-2025-34417 | 1 Mailenable | 1 Mailenable | 2025-12-23 | N/A | 7.8 HIGH |
| MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAISO.DLL from its installation directory without sufficient integrity validation or a secure search order. A local attacker with write access to that directory can plant a malicious MEAISO.DLL, which is then loaded when the executable starts, resulting in execution of attacker-controlled code with the privileges of the process. | |||||
| CVE-2025-34418 | 1 Mailenable | 1 Mailenable | 2025-12-23 | N/A | 7.8 HIGH |
| MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIMF.DLL from its installation directory without sufficient integrity validation or a secure search order. A local attacker with write access to that directory can plant a malicious MEAIMF.DLL, which is then loaded when the executable starts, resulting in execution of attacker-controlled code with the privileges of the process. | |||||
| CVE-2025-34419 | 1 Mailenable | 1 Mailenable | 2025-12-23 | N/A | 7.8 HIGH |
| MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAISM.DLL from its installation directory without sufficient integrity validation or a secure search order. A local attacker with write access to that directory can plant a malicious MEAISM.DLL, which is then loaded when the executable starts, resulting in execution of attacker-controlled code with the privileges of the process. | |||||
| CVE-2025-34420 | 1 Mailenable | 1 Mailenable | 2025-12-23 | N/A | 7.8 HIGH |
| MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIAM.DLL from its installation directory without sufficient integrity validation or a secure search order. A local attacker with write access to that directory can plant a malicious MEAIAM.DLL, which is then loaded on execution, resulting in attacker-controlled code running with the privileges of the process. | |||||
| CVE-2025-34421 | 1 Mailenable | 1 Mailenable | 2025-12-23 | N/A | 7.8 HIGH |
| MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAISP.DLL from its installation directory without sufficient integrity validation or a secure search order. A local attacker with write access to that directory can plant a malicious MEAISP.DLL, which is then loaded on execution, resulting in attacker-controlled code running with the privileges of the process. | |||||
| CVE-2021-22280 | 1 Br-automation | 1 Automation Studio | 2025-12-19 | N/A | 7.2 HIGH |
| Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated local attacker to execute code in the context of the product. | |||||
| CVE-2025-7427 | 1 Arm | 1 Arm Development Studio | 2025-12-18 | N/A | 5.9 MEDIUM |
| Uncontrolled Search Path Element in Arm Development Studio before 2025 may allow an attacker to perform a DLL hijacking attack. Successful exploitation could lead to local arbitrary code execution in the context of the user running Arm Development Studio. | |||||
| CVE-2025-34424 | 1 Mailenable | 1 Mailenable | 2025-12-17 | N/A | 7.8 HIGH |
| MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIDP.DLL from its installation directory without sufficient integrity validation or a secure search order. A local attacker with write access to that directory can plant a malicious MEAIDP.DLL, which is then loaded on execution, resulting in attacker-controlled code running with the privileges of the process. | |||||
| CVE-2023-4936 | 1 Synaptics | 1 Displaylink | 2025-12-17 | N/A | 5.5 MEDIUM |
| It is possible to sideload a compromised DLL during the installation at elevated privilege. | |||||
| CVE-2025-34396 | 1 Mailenable | 1 Mailenable | 2025-12-10 | N/A | 7.3 HIGH |
| MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAINFY.DLL from its application directo without sufficient integrity validation or secure search order. If the DLL is missing or attacker-writable locations in the search path are used, a local attacker with write permissions to the directory can plant a malicious MEAINFY.DLL. When the executable is launched, it loads the attacker-controlled library and executes code with the privileges of the process, enabling local privilege escalation when run with elevated rights. | |||||
| CVE-2022-27595 | 1 Qnap | 1 Qvpn | 2025-12-08 | N/A | 7.8 HIGH |
| An insecure library loading vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local attackers who have gained user access to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QVPN Windows 2.0.0.1316 and later QVPN Windows 2.0.0.1310 and later | |||||
| CVE-2025-32919 | 1 Checkmk | 1 Checkmk | 2025-12-04 | N/A | 7.8 HIGH |
| Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from 2.2.0 before 2.2.0p46, and all versions of 2.1.0 (EOL). | |||||
| CVE-2024-29223 | 1 Intel | 1 Quickassist Technology | 2025-12-03 | N/A | 6.7 MEDIUM |
| Uncontrolled search path for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2025-64695 | 2 Microsoft, Secuavail | 2 Windows, Logstare Collector | 2025-12-02 | N/A | 7.8 HIGH |
| Uncontrolled search path element issue exists in the installer of LogStare Collector (for Windows). If exploited, arbitrary code may be executed with the privilege of the user invoking the installer. | |||||
| CVE-2025-20050 | 1 Intel | 1 Computing Improvement Program | 2025-11-26 | N/A | 6.7 MEDIUM |
| Uncontrolled search path for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | |||||