Vulnerabilities > Untrusted Search Path
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-12 | CVE-2017-16690 | Untrusted Search Path vulnerability in SAP Plant Connectivity 15.0/2.3 A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. | 7.8 |
| 2017-12-11 | CVE-2014-8358 | Untrusted Search Path vulnerability in Huawei Ec156 Firmware, Ec176 Firmware and Ec177 Firmware Huawei EC156, EC176, and EC177 USB Modem products with software before UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) and before V200R003B015D02SP08C1014 (23.015.02.08.1014) use a weak ACL for the "Mobile Partner" directory, which allows remote attackers to gain SYSTEM privileges by compromising a low privilege account and modifying Mobile Partner.exe. | 7.8 |
| 2017-12-11 | CVE-2017-13070 | Untrusted Search Path vulnerability in Qnap Qsync 4.2.2.0724 A DLL Hijacking vulnerability in QNAP Qsync for Windows (exe) version 4.2.2.0724 and earlier could allow remote attackers to execute arbitrary code on Windows machines. | 7.8 |
| 2017-12-08 | CVE-2017-10893 | Untrusted Search Path vulnerability in J-Lis the Public Certification Service for Individuals 3.1 Untrusted search path vulnerability in The Public Certification Service for Individuals "The JPKI user's software" Ver3.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-12-06 | CVE-2017-17069 | Untrusted Search Path vulnerability in Amazon Audible 2.34.0/2.44.1 ActiveSetupN.exe in Amazon Audible for Windows before November 2017 allows attackers to execute arbitrary DLL code if ActiveSetupN.exe is launched from a directory where an attacker has already created a Trojan horse dwmapi.dll file. | 7.8 |
| 2017-12-01 | CVE-2017-10892 | Untrusted Search Path vulnerability in Sony Music Center 1.0.00 Untrusted search path vulnerability in Music Center for PC version 1.0.00 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-12-01 | CVE-2017-10891 | Untrusted Search Path vulnerability in Sony Media GO 3.2.0.191 Untrusted search path vulnerability in Media Go version 3.2.0.191 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-11-22 | CVE-2017-8137 | Untrusted Search Path vulnerability in Huawei Hedex Lite HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path. | 7.8 |
| 2017-11-17 | CVE-2017-4939 | Untrusted Search Path vulnerability in VMWare Workstation VMware Workstation (12.x before 12.5.8) installer contains a DLL hijacking issue that exists due to some DLL files loaded by the application improperly. | 7.8 |
| 2017-11-17 | CVE-2017-10887 | Untrusted Search Path vulnerability in Bookwalker Book Walker 1.2.5/1.2.9 Untrusted search path vulnerability in BOOK WALKER for Windows Ver.1.2.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |