Lucene search
K

20 matches found

RedhatCVE
RedhatCVE
added 2026/04/02 5:4 a.m.2 views

CVE-2026-3780

The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed instead of the...

7.3CVSS5.9AI score0.00121EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/01 3:31 a.m.7 views

EUVD-2026-17761

The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed instead of the...

7.3CVSS5.9AI score0.00121EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/01 1:40 a.m.29 views

CVE-2026-3780 Foxit PDF Editor/Reader Installer Uncontrolled Search Path Privilege Escalation

The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed instead of the...

7.3CVSS0.00121EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/01 1:40 a.m.2 views

CVE-2026-3780

The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed instead of the...

7.3CVSS5.9AI score0.00121EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2026/04/01 1:40 a.m.11 views

CVE-2026-3780

CVE-2026-3780 concerns Foxit PDF Editor/Reader installers on Windows. The root cause is an installer that runs with elevated privileges while resolving system executables and DLLs using untrusted search paths that may include user-writable directories. This allows a local attacker to place malici...

7.8CVSS5.9AI score0.00121EPSS
Exploits0References1Affected Software2
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.7 views

Foxit PDF Reader和Foxit PDF Editor 安全漏洞

Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. Both Foxit PDF Reader and Foxit PDF Editor have security vulnerabilities. These vulnerabilities stem from the installer’s elevated...

7.8CVSS5.8AI score0.00121EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.5 views

PT-2026-29440

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description The application's installer operates with elevated privileges but utilizes untrusted search paths to resolve system executables and DLLs. These paths can includ...

7.8CVSS5.1AI score0.00121EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.6 views

Adobe Illustrator 代码问题漏洞

Adobe Illustrator is a vector-based image creation software developed by Adobe Inc. Versions 29.8.4, 30.1, and earlier of Adobe Illustrator have code vulnerabilities. These vulnerabilities stem from untrusted search paths, which may allow arbitrary code to be executed in the current user...

8.6CVSS6AI score0.00161EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.9 views

Autodesk 3ds Max 代码问题漏洞

Autodesk 3ds Max is a full-featured 3D computer graphics software developed by Autodesk, Inc. There are code vulnerabilities in Autodesk 3ds Max. These vulnerabilities stem from the use of untrusted search paths when opening max files, which may lead to the execution of arbitrary code...

7.8CVSS6.1AI score0.00182EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/02 12:0 a.m.4 views

Yandex Telemost 代码问题漏洞

Yandex Telemost is an application for easily creating video calls or video chats from the Russian company Yandex. A security vulnerability exists in Yandex Telemost for Desktop prior to version 2.7.0, which stems from the use of untrusted search paths and may lead to DLL hijacking...

8.4CVSS6.7AI score0.00134EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 2:57 a.m.9 views

CVE-2012-4880

Multiple untrusted search path vulnerabilities in DVD Architect Pro 5.2 Build 133 and DVD Architect Studio 5.0 Build 156 allow local users to gain privileges via a Trojan horse 1 encmp2v.200 or 2 CFHDDecoder.dll file in the current working directory, as demonstrated by a directory that contains a...

6.9CVSS6.9AI score0.00416EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/24 12:0 a.m.6 views

Rise Mode Temp CPU 代码问题漏洞

Rise Mode Temp CPU is a CPU driver from Rise. A code issue vulnerability exists in Rise Mode Temp CPU version 2.1, which stems from the library CRYPTBASE.dll of the component Startup that leads to untrusted search paths...

8.5CVSS7.6AI score0.0019EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/01/19 12:0 a.m.4 views

Epic Games Launcher 代码问题漏洞

Epic Games Launcher is a game software launcher from Epic Games USA. A code issue vulnerability exists in Epic Games Launcher version 17.2.1 and earlier, which stems from code in the profapi.dll library in the component Installer that can lead to untrusted search paths...

4.5CVSS5.1AI score0.00193EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.5 views

RetroArch 代码问题漏洞

RetroArch is a reference front-end to the Libretro API open-sourced by Libretro. A code issue vulnerability exists in RetroArch versions prior to 1.19.1, which stems from some functionality in the component Startup profapi.dll that leads to untrusted search paths...

5.3CVSS5.4AI score0.00185EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2024/09/03 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-6473

Yandex Browser for Desktop before 24.7.1.380 has a DLL Hijacking Vulnerability because an untrusted search path is used...

8.4CVSS5.8AI score0.0071EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/11/09 12:0 a.m.5 views

openSUSE openldap2代码问题漏洞

openSUSE openldap2 is a Lightweight Directory Access Protocol v3 LDAPv3 client and server reference implementation from SUSE Germany. The server provides several database backends and overlays. A code issue vulnerability exists in openSUSE openldap2 versions prior to 2.3.6 through 404.1, which...

7.8CVSS7.5AI score0.0033EPSS
Exploits1References2
CNVD
CNVD
added 2018/01/22 12:0 a.m.6 views

Yandex Browser installer for Desktop DLL Hijacking Vulnerability

Yandex Browser is a free Chromium-based web browser developed by Russian web search company Yandex that uses the Blink typography engine and runs on Windows, OS X, Android and iOS. A DLL hijacking vulnerability exists in the Yandex Browser installer for desktop versions prior to 17.4.1. The...

7.8CVSS6.9AI score0.01395EPSS
Exploits0References1
OSV
OSV
added 2018/01/19 5:29 p.m.5 views

CVE-2017-7327

Yandex Browser installer for Desktop before 17.4.1 has a DLL Hijacking Vulnerability because an untrusted search path is used for dnsapi.dll, winmm.dll, ntmarta.dll, cryptbase.dll or profapi.dll...

7.8CVSS5.8AI score0.01395EPSS
Exploits0References1
OSV
OSV
added 2017/08/18 7:29 p.m.5 views

CVE-2017-11160

Multiple untrusted search path vulnerabilities in installer in Synology Assistant before 6.1-15163 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse 1 shfolder.dll, 2 ntmarta.dll, 3 secur32.dll or 4 dwmapi.dll file in the current worki...

7.8CVSS6.1AI score0.00432EPSS
Exploits0References1
CVE
CVE
added 2012/09/07 10:0 a.m.51 views

CVE-2010-5226

Summary: CVE-2010-5226 affects Autodesk Design Review 2011 (version 11.0.0.86) and involves multiple untrusted search path vulnerabilities. The root cause is placing a Trojan horse through (1) dwmapi.dll, (2) whiptk_wt.7.12.601.dll, or (3) xaml_wt.7.6.0.dll in the current working directory, demon...

6.9CVSS6.6AI score0.00416EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder