Total
620 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-20406 | 2 Atlassian, Microsoft | 3 Confluence, Confluence Server, Windows | 2023-12-10 | 4.4 MEDIUM | 7.8 HIGH |
The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5, and from version 7.1.0 before version 7.1.1 allows local system attackers who have permission to write a DLL file in a directory in the global path environmental variable variable to inject code & escalate their privileges via a DLL hijacking vulnerability. | |||||
CVE-2019-19364 | 1 Sony | 2 Catalyst Browse, Catalyst Production Suite | 2023-12-10 | 4.4 MEDIUM | 7.8 HIGH |
A weak malicious user can escalate its privilege whenever CatalystProductionSuite.2019.1.exe (version 1.1.0.21) and CatalystBrowseSuite.2019.1.exe (version 1.1.0.21) installers run. The vulnerability is in the form of DLL Hijacking. The installers try to load DLLs that don’t exist from its current directory; by doing so, an attacker can quickly escalate its privileges. | |||||
CVE-2016-6592 | 1 Symantec | 1 Norton Download Manager | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
A vulnerability was found in Symantec Norton Download Manager versions prior to 5.6. A remote user can create a specially crafted DLL file that, when placed on the target user's system, will cause the Norton Download Manager component to load the remote user's DLL instead of the intended DLL and execute arbitrary code when the Norton Download Manager component is run by the target user. | |||||
CVE-2019-5695 | 2 Microsoft, Nvidia | 3 Windows, Geforce Experience, Gpu Driver | 2023-12-10 | 6.9 MEDIUM | 6.5 MEDIUM |
NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. | |||||
CVE-2020-3153 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2023-12-10 | 4.9 MEDIUM | 6.5 MEDIUM |
A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. An exploit could allow the attacker to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks. To exploit this vulnerability, the attacker needs valid credentials on the Windows system. | |||||
CVE-2019-14688 | 2 Microsoft, Trendmicro | 9 Windows, Control Manager, Endpoint Sensor and 6 more | 2023-12-10 | 5.1 MEDIUM | 7.0 HIGH |
Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was found to ONLY be exploitable during an initial product installation by an authorized user. The attacker must convince the target to download malicious DLL locally which must be present when the installer is run. | |||||
CVE-2019-20400 | 1 Atlassian | 1 Jira Server | 2023-12-10 | 4.4 MEDIUM | 7.8 HIGH |
The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to write a dll file to a directory in the global path environmental variable can inject code into via a DLL hijacking vulnerability. | |||||
CVE-2019-14600 | 1 Intel | 1 Snmp Subagent Stand-alone | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
Uncontrolled search path element in the installer for Intel(R) SNMP Subagent Stand-Alone for Windows* may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2019-19689 | 2 Microsoft, Trendmicro | 2 Windows, Housecall For Home Networks | 2023-12-10 | 4.4 MEDIUM | 7.8 HIGH |
Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited via a DLL Hijack related to a vulnerability on the packer that the program uses. | |||||
CVE-2013-0725 | 1 Hexagongeospatial | 1 Erdas Er Viewer | 2023-12-10 | 6.9 MEDIUM | 7.8 HIGH |
ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities | |||||
CVE-2020-8601 | 2 Microsoft, Trendmicro | 2 Windows, Vulnerability Protection | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Trend Micro Vulnerability Protection 2.0 is affected by a vulnerability that could allow an attack to use the product installer to load other DLL files located in the same directory. | |||||
CVE-2019-16001 | 2 Cisco, Microsoft | 3 Webex Meetings, Webex Teams, Windows | 2023-12-10 | 4.4 MEDIUM | 5.3 MEDIUM |
A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Webex Teams for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of the resources loaded by the application at run time. An attacker could exploit this vulnerability by crafting a malicious DLL file and placing it in a specific location on the targeted system. The malicious DLL file would execute when the vulnerable application is launched. A successful exploit could allow the attacker to execute arbitrary code on the target machine with the privileges of another user account. | |||||
CVE-2019-18575 | 1 Dell | 1 Command\|configure | 2023-12-10 | 6.6 MEDIUM | 7.1 HIGH |
Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the attacker to overwrite or corrupt a specified file on the system. | |||||
CVE-2019-7960 | 3 Adobe, Apple, Microsoft | 3 Animate Cc, Macos, Windows | 2023-12-10 | 4.4 MEDIUM | 7.8 HIGH |
Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. | |||||
CVE-2019-5701 | 1 Nvidia | 1 Geforce Experience | 2023-12-10 | 6.2 MEDIUM | 7.8 HIGH |
NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service, information disclosure, or escalation of privileges through code execution. | |||||
CVE-2019-19954 | 2 Microsoft, Signal | 2 Windows, Signal-desktop | 2023-12-10 | 6.9 MEDIUM | 7.3 HIGH |
Signal Desktop before 1.29.1 on Windows allows local users to gain privileges by creating a Trojan horse %SYSTEMDRIVE%\node_modules\.bin\wmic.exe file. | |||||
CVE-2016-5311 | 1 Symantec | 9 Endpoint Protection, Endpoint Protection Cloud, Norton 360 and 6 more | 2023-12-10 | 6.9 MEDIUM | 7.8 HIGH |
A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges. | |||||
CVE-2019-12758 | 1 Symantec | 1 Endpoint Protection | 2023-12-10 | 7.2 HIGH | 6.7 MEDIUM |
Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature. | |||||
CVE-2019-5694 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2023-12-10 | 4.4 MEDIUM | 6.5 MEDIUM |
NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. The attacker requires local system access. | |||||
CVE-2019-3726 | 1 Dell | 3 Client Platforms, Emc Servers, Update Package Framework | 2023-12-10 | 6.2 MEDIUM | 6.7 MEDIUM |
An Uncontrolled Search Path Vulnerability is applicable to the following: Dell Update Package (DUP) Framework file versions prior to 19.1.0.413, and Framework file versions prior to 103.4.6.69 used in Dell EMC Servers. Dell Update Package (DUP) Framework file versions prior to 3.8.3.67 used in Dell Client Platforms. The vulnerability is limited to the DUP framework during the time window when a DUP is being executed by an administrator. During this time window, a locally authenticated low privilege malicious user potentially could exploit this vulnerability by tricking an administrator into running a trusted binary, causing it to load a malicious DLL and allowing the attacker to execute arbitrary code on the victim system. The vulnerability does not affect the actual binary payload that the DUP delivers. |