Total
832 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-26511 | 1 Kingsoft | 1 Wps Presentation | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| WPS Presentation 11.8.0.5745 insecurely load d3dx9_41.dll when opening .pps files('current directory type' DLL loading). | |||||
| CVE-2022-26425 | 1 Intel | 1 Oneapi Collective Communications Library | 2024-11-21 | N/A | 6.7 MEDIUM |
| Uncontrolled search path element in the Intel(R) oneAPI Collective Communications Library (oneCCL) before version 2021.6 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-26421 | 1 Intel | 1 Oneapi Dpc\+\+\/c\+\+ Compiler Runtime | 2024-11-21 | N/A | 6.7 MEDIUM |
| Uncontrolled search path element in the Intel(R) oneAPI DPC++/C++ Compiler Runtime before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-26345 | 1 Intel | 1 Openmp | 2024-11-21 | N/A | 6.7 MEDIUM |
| Uncontrolled search path element in the Intel(R) oneAPI Toolkit OpenMP before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-26337 | 1 Trendmicro | 1 Password Manager | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Trend Micro Password Manager (Consumer) installer version 5.0.0.1262 and below is vulnerable to an Uncontrolled Search Path Element vulnerability that could allow an attacker to use a specially crafted file to exploit the vulnerability and escalate local privileges on the affected machine. | |||||
| CVE-2022-26319 | 1 Trendmicro | 1 Portable Security | 2024-11-21 | 6.9 MEDIUM | 6.5 MEDIUM |
| An installer search patch element vulnerability in Trend Micro Portable Security 3.0 Pro, 3.0 and 2.0 could allow a local attacker to place an arbitrarily generated DLL file in an installer folder to elevate local privileges. Please note: an attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2022-26081 | 1 Kingsoft | 1 Wps Office | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer. | |||||
| CVE-2022-26076 | 1 Intel | 1 Oneapi Deep Neural Network | 2024-11-21 | N/A | 6.7 MEDIUM |
| Uncontrolled search path element in the Intel(R) oneAPI Deep Neural Network (oneDNN) before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-26062 | 1 Intel | 1 Trace Analyzer And Collector | 2024-11-21 | N/A | 6.7 MEDIUM |
| Uncontrolled search path element in the Intel(R) Trace Analyzer and Collector before version 2021.6 for Intel(R) oneAPI HPC Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-26052 | 1 Intel | 1 Mpi Library | 2024-11-21 | N/A | 6.7 MEDIUM |
| Uncontrolled search path element in the Intel(R) MPI Library before version 2021.6 for Intel(R) oneAPI HPC Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-26032 | 1 Intel | 1 Distribution For Python | 2024-11-21 | N/A | 6.7 MEDIUM |
| Uncontrolled search path element in the Intel(R) Distribution for Python programming language before version 2022.1 for Intel(R) oneAPI Toolkits may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-25999 | 1 Intel | 1 Enpirion Digital Power Configurator Gui | 2024-11-21 | N/A | 7.8 HIGH |
| Uncontrolled search path element in the Intel(R) Enpirion(R) Digital Power Configurator GUI software, all versions may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-25969 | 1 Kingsoft | 1 Wps Office | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer. | |||||
| CVE-2022-25905 | 1 Intel | 1 Oneapi Data Analytics Library | 2024-11-21 | N/A | 6.7 MEDIUM |
| Uncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-25864 | 1 Intel | 1 Oneapi Math Kernel Library | 2024-11-21 | N/A | 6.7 MEDIUM |
| Uncontrolled search path in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-25841 | 1 Intel | 1 Datacenter Group Event | 2024-11-21 | N/A | 7.8 HIGH |
| Uncontrolled search path elements in the Intel(R) Datacenter Group Event Android application, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-25348 | 2 Hibara, Microsoft | 2 Attachecase, Windows | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in AttacheCase ver.4.0.2.7 and earlier allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2022-25154 | 1 Samsung | 2 T5, T5 Firmware | 2024-11-21 | 4.4 MEDIUM | 7.3 HIGH |
| A DLL hijacking vulnerability in Samsung portable SSD T5 PC software before 1.6.9 could allow a local attacker to escalate privileges. (An attacker must already have user privileges on Windows 7, 10, or 11 to exploit this vulnerability.) | |||||
| CVE-2022-24955 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have an Uncontrolled Search Path Element for DLL files. | |||||
| CVE-2022-24767 | 2 Git For Windows Project, Microsoft | 4 Git For Windows, Visual Studio 2017, Visual Studio 2019 and 1 more | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
| GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account. | |||||