Total
863 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-20052 | 1 Python | 1 Python | 2024-11-21 | 4.4 MEDIUM | 5.0 MEDIUM |
| A vulnerability classified as problematic was found in Python 2.7.13. This vulnerability affects unknown code of the component pgAdmin4. The manipulation leads to uncontrolled search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2017-20051 | 1 Jrsoftware | 1 Inno Setup | 2024-11-21 | 4.4 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in InnoSetup Installer. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to uncontrolled search path. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2017-20018 | 1 Apachefriends | 1 Xampp | 2024-11-21 | 4.4 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in XAMPP 7.1.1-0-VC14. It has been classified as problematic. Affected is an unknown function of the component Installer. The manipulation leads to privilege escalation. It is possible to launch the attack remotely. | |||||
| CVE-2017-14010 | 2 Microsoft, Spidercontrol | 6 Windows 10, Windows 7, Windows 8 and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded prior to the valid DLL, an attacker could execute arbitrary code on the system. | |||||
| CVE-2016-6592 | 1 Symantec | 1 Norton Download Manager | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| A vulnerability was found in Symantec Norton Download Manager versions prior to 5.6. A remote user can create a specially crafted DLL file that, when placed on the target user's system, will cause the Norton Download Manager component to load the remote user's DLL instead of the intended DLL and execute arbitrary code when the Norton Download Manager component is run by the target user. | |||||
| CVE-2016-5311 | 1 Symantec | 9 Endpoint Protection, Endpoint Protection Cloud, Norton 360 and 6 more | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
| A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges. | |||||
| CVE-2015-1014 | 1 Schneider-electric | 3 Citectscada, Opc Factory Server, Scada Expert Vijeo Citect | 2024-11-21 | 4.4 MEDIUM | 7.3 HIGH |
| A successful exploit of these vulnerabilities requires the local user to load a crafted DLL file in the system directory on servers running Schneider Electric OFS v3.5 with version v7.40 of SCADA Expert Vijeo Citect/CitectSCADA, OFS v3.5 with version v7.30 of Vijeo Citect/CitectSCADA, and OFS v3.5 with version v7.20 of Vijeo Citect/CitectSCADA.. If the application attempts to open that file, the application could crash or allow the attacker to execute arbitrary code. Schneider Electric recommends vulnerable users upgrade the OFS to V3.5 and install the latest service pack (SP 6 or newer) for their associated version. | |||||
| CVE-2013-0725 | 1 Hexagongeospatial | 1 Erdas Er Viewer | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
| ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities | |||||
| CVE-2024-26017 | 2024-11-15 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in some Intel(R) Rendering Toolkit software before version 2024.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-34167 | 2024-11-15 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path for the Intel(R) Server Board S2600ST Family BIOS and Firmware Update software all versions may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-35245 | 2024-11-15 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path element in some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.60 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-38387 | 2024-11-15 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in the Intel(R) Graphics Driver installers for versions 15.40 and 15.45 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-36245 | 2024-11-15 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path element in some Intel(R) VTune(TM) Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-34028 | 2024-11-15 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in some Intel(R) Graphics Offline Compiler for OpenCL(TM) Code software for Windows before version 2024.1.0.142, graphics driver 31.0.101.5445 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-37024 | 2024-11-15 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path for some ACAT software maintained by Intel(R) for Windows before version 3.11.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-34164 | 2024-11-15 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path element in some Intel(R) MAS software before version 2.5 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-31407 | 2024-11-15 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software for Intel(R) Quartus(R) Prime Pro Edition Software before version 24.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-23312 | 2024-11-15 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path for some Intel(R) Binary Configuration Tool software for Windows before version 3.4.5 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-28952 | 2024-11-15 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path for some Intel(R) IPP software for Windows before version 2021.12.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-28881 | 2024-11-15 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path for some Intel(R) Fortran Compiler Classic software before version 2021.13 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||