Lucene search
+L

113 matches found

CNNVD
CNNVD
added 2023/06/04 12:0 a.m.6 views

Captura 代码问题漏洞

Captura is a free and open source screen recording tool from the individual developer Mathew Sachin. A code issue vulnerability exists in Captura 8.0.0 and prior versions, which stems from faulty code in the library CRYPTBASE.dll that can lead to uncontrolled search paths...

7.8CVSS7.1AI score0.00197EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/01/25 12:0 a.m.12 views

The vulnerability of the library for working with X Pixmap (XPM) files, libXpm, is related to insecure search paths, allowing attackers to execute arbitrary code with elevated privileges.

The vulnerability of the library for working with X Pixmap XPM files involves the use of the $PATH variable to execute commands responsible for unpacking .Z or .gz files. Exploiting this vulnerability allows an attacker to execute arbitrary code with elevated privileges...

7.1CVSS7.3AI score0.01199EPSS
Exploits0References14Affected Software9
CNNVD
CNNVD
added 2023/01/12 12:0 a.m.6 views

Bloom filters 代码问题漏洞

Bloom filters is a Golang-based implementation of Bloom filters. A code issue vulnerability exists in Bloom filters versions prior to 3.3.1 that stems from uncontrolled search path elements...

7.8CVSS7.3AI score0.00403EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/11/09 12:0 a.m.6 views

openSUSE openldap2代码问题漏洞

openSUSE openldap2 is a Lightweight Directory Access Protocol v3 LDAPv3 client and server reference implementation from SUSE Germany. The server provides several database backends and overlays. A code issue vulnerability exists in openSUSE openldap2 versions prior to 2.3.6 through 404.1, which...

7.8CVSS7.5AI score0.0033EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/07/12 12:0 a.m.4 views

SAP BusinessObjects BW Publisher Service 代码问题漏洞

SAP BusinessObjects BW Publisher Service is a model-driven data warehouse product from SAP Germany. An elevation of privilege vulnerability exists in versions 420 and 430 of the SAP BusinessObjects BW Publisher Service, which stems from the use of search paths that contain un-referenced elements,...

7.8CVSS5.6AI score0.00254EPSS
Exploits0References4
Snyk
Snyk
added 2022/04/16 12:0 a.m.4 views

Privilege Defined With Unsafe Actions

Overview System.Management.Automation is a System Management Automation for PowerShell. Affected versions of this package are vulnerable to Privilege Defined With Unsafe Actions in the module search paths that will return empty strings for special folders that don't exist in some accounts like...

8.5CVSS7.2AI score0.00614EPSS
Exploits0References2
Prion
Prion
added 2022/01/26 3:15 p.m.18 views

Design/Logic Flaw

In ListCheck.exe in Acer Care Center 4.x before 4.00.3038, a vulnerability in the loading mechanism of Windows DLLs could allow a local attacker to perform a DLL hijacking attack. This vulnerability is due to incorrect handling of directory search paths at run time. An attacker could exploit this...

6.9CVSS7.7AI score0.00604EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/09/01 12:0 a.m.7 views

The vulnerability of the Adobe Animate program for creating multimedia and computer animations lies in the use of an unreliable search path during the loading of dynamic DLL libraries, which allows attackers to exploit their privileges.

The vulnerability of the Adobe Animate program for creating multimedia and computer animations is related to the use of an unreliable search path during the loading of dynamic DLL libraries. Exploiting this vulnerability can allow attackers to gain increased privileges...

7.8CVSS7.2AI score0.00777EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/04/14 12:0 a.m.5 views

Siemens network software vulnerabilities, related to the lack of commas in the syntax of elements or search paths, allow attackers to execute arbitrary code with elevated privileges.

The vulnerability of Siemens network software is related to the absence of commas in the syntax of elements or search paths. Exploiting this vulnerability allows an attacker to execute arbitrary code with elevated privileges...

6.8CVSS7.4AI score0.00441EPSS
Exploits0References3Affected Software4
Vulnrichment
Vulnrichment
added 2021/04/08 4:5 a.m.16 views

CVE-2021-1386 Cisco Advanced Malware Protection for Endpoints Windows Connector, ClamAV for Windows, and Immunet DLL Hijacking Vulnerability

A vulnerability in the dynamic link library DLL loading mechanism in Cisco Advanced Malware Protection AMP for Endpoints Windows Connector, ClamAV for Windows, and Immunet could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected Windows system. To exploit this...

7CVSS7.3AI score0.0028EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/04/08 4:5 a.m.33 views

CVE-2021-1386 Cisco Advanced Malware Protection for Endpoints Windows Connector, ClamAV for Windows, and Immunet DLL Hijacking Vulnerability

A vulnerability in the dynamic link library DLL loading mechanism in Cisco Advanced Malware Protection AMP for Endpoints Windows Connector, ClamAV for Windows, and Immunet could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected Windows system. To exploit this...

7CVSS7.9AI score0.0028EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/04/01 12:0 a.m.10 views

The vulnerability of server installers for Building Management Systems Enterprise Server and Enterprise Central on Windows operating systems allows a hacker to increase their privileges.

The vulnerability of server installers for Building Management Systems like Enterprise Server and Enterprise Central on Windows operating systems is related to the absence of quotation marks in the wording of search elements or paths. Exploiting this vulnerability can allow attackers to increase...

7CVSS7.1AI score0.00271EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2021/01/20 8:15 p.m.14 views

CVE-2021-1280

A vulnerability in the loading mechanism of specific DLLs of Cisco Advanced Malware Protection AMP for Endpoints for Windows and Immunet for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need valid...

7.8CVSS7.7AI score0.00443EPSS
Exploits0References1
Prion
Prion
added 2021/01/20 8:15 p.m.17 views

Code injection

A vulnerability in the loading mechanism of specific DLLs of Cisco Advanced Malware Protection AMP for Endpoints for Windows and Immunet for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need valid...

6.9CVSS7.3AI score0.00443EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2021/01/20 7:56 p.m.79 views

CVE-2021-1280

CVE-2021-1280 describes a DLL hijacking vulnerability in the loading mechanism of specific DLLs used by Cisco AMP for Endpoints (Windows) and Immunet (Windows). An authenticated, local attacker could exploit improper directory search path handling by placing a malicious DLL on the target system, ...

7.8CVSS7.5AI score0.00443EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2021/01/20 7:56 p.m.22 views

CVE-2021-1280 Cisco Advanced Malware Protection for Endpoints and Immunet for Windows DLL Hijacking Vulnerability

A vulnerability in the loading mechanism of specific DLLs of Cisco Advanced Malware Protection AMP for Endpoints for Windows and Immunet for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need valid...

7.8CVSS7.9AI score0.00443EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/01/20 7:56 p.m.13 views

CVE-2021-1280 Cisco Advanced Malware Protection for Endpoints and Immunet for Windows DLL Hijacking Vulnerability

A vulnerability in the loading mechanism of specific DLLs of Cisco Advanced Malware Protection AMP for Endpoints for Windows and Immunet for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need valid...

7.8CVSS7.4AI score0.00443EPSS
Exploits0References1
Cisco
Cisco
added 2021/01/20 4:0 p.m.66 views

Cisco Advanced Malware Protection for Endpoints and Immunet for Windows DLL Hijacking Vulnerability

A vulnerability in the loading mechanism of specific DLLs of Cisco Advanced Malware Protection AMP for Endpoints for Windows and Immunet for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need valid...

7.8CVSS7.5AI score0.00443EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/06/10 12:0 a.m.5 views

PT-2020-5919 · Siemens · Sinamics Startdrive +14

Name of the Vulnerable Software and Affected Versions: SIMATIC Automation Tool versions prior to V4 SP2 SIMATIC NET PC Software V14 versions prior to V14 SP1 Update 14 SIMATIC NET PC Software V15 versions SIMATIC NET PC Software V16 versions prior to V16 Upd3 SIMATIC PCS neo versions prior to V3....

7.2CVSS6.8AI score0.00441EPSS
Exploits0References5
OSV
OSV
added 2019/07/17 9:15 p.m.3 views

CVE-2019-13637

In LogMeIn join.me before 3.16.0.5505, an attacker could execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI that is defined in Windows. An attacker could exploit this vulnerability by convincing a targeted user to follow a...

8.8CVSS7.5AI score0.0256EPSS
Exploits0References1
Rows per page
Query Builder