Total
1054 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-24998 | 1 Microsoft | 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more | 2025-12-17 | 7.3 High |
| Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-34424 | 1 Mailenable | 1 Mailenable | 2025-12-17 | 7.8 High |
| MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIDP.DLL from its installation directory without sufficient integrity validation or a secure search order. A local attacker with write access to that directory can plant a malicious MEAIDP.DLL, which is then loaded on execution, resulting in attacker-controlled code running with the privileges of the process. | ||||
| CVE-2023-4936 | 1 Synaptics | 1 Displaylink | 2025-12-17 | 5.5 Medium |
| It is possible to sideload a compromised DLL during the installation at elevated privilege. | ||||
| CVE-2022-24765 | 6 Apple, Debian, Fedoraproject and 3 more | 7 Xcode, Debian Linux, Fedora and 4 more | 2025-12-16 | 6 Medium |
| Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder `C:\.git`, which would be picked up by Git operations run supposedly outside a repository while searching for a Git directory. Git would then respect any config in said Git directory. Git Bash users who set `GIT_PS1_SHOWDIRTYSTATE` are vulnerable as well. Users who installed posh-gitare vulnerable simply by starting a PowerShell. Users of IDEs such as Visual Studio are vulnerable: simply creating a new project would already read and respect the config specified in `C:\.git\config`. Users of the Microsoft fork of Git are vulnerable simply by starting a Git Bash. The problem has been patched in Git for Windows v2.35.2. Users unable to upgrade may create the folder `.git` on all drives where Git commands are run, and remove read/write access from those folders as a workaround. Alternatively, define or extend `GIT_CEILING_DIRECTORIES` to cover the _parent_ directory of the user profile, e.g. `C:\Users` if the user profile is located in `C:\Users\my-user-name`. | ||||
| CVE-2025-13664 | 1 Altera | 1 Quartus Prime Standard | 2025-12-12 | 6.7 Medium |
| A potential security vulnerability in Quartus® Prime Standard Edition Design Software may allow escalation of privilege. | ||||
| CVE-2025-13665 | 1 Altera | 1 Quartus Prime Standard | 2025-12-12 | 6.7 Medium |
| The System Console Utility for Windows is vulnerable to a DLL planting vulnerability | ||||
| CVE-2025-13669 | 1 Altera | 1 High Level Synthesis Compiler | 2025-12-12 | 6.7 Medium |
| Uncontrolled Search Path Element vulnerability in Altera High Level Synthesis Compiler on Windows allows Search Order Hijacking.This issue affects High Level Synthesis Compiler: from 19.1 through 24.3. | ||||
| CVE-2025-13670 | 1 Altera | 1 High Level Synthesis Compiler | 2025-12-12 | 6.7 Medium |
| The High Level Synthesis Compiler i++ command for Windows is vulnerable to a DLL planting vulnerability | ||||
| CVE-2025-13152 | 1 Lenovo | 1 One Client | 2025-12-12 | 7.8 High |
| A potential DLL hijacking vulnerability was reported in Lenovo One Client during an internal security assessment that could allow a local authenticated user to execute code with elevated privileges. | ||||
| CVE-2025-12046 | 1 Lenovo | 2 App Store, Browser | 2025-12-12 | 7.8 High |
| A DLL hijacking vulnerability was reported in the Lenovo App Store and Lenovo Browser applications that could allow a local authenticated user to execute code with elevated privileges under certain conditions. | ||||
| CVE-2025-34396 | 1 Mailenable | 1 Mailenable | 2025-12-10 | 7.3 High |
| MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAINFY.DLL from its application directo without sufficient integrity validation or secure search order. If the DLL is missing or attacker-writable locations in the search path are used, a local attacker with write permissions to the directory can plant a malicious MEAINFY.DLL. When the executable is launched, it loads the attacker-controlled library and executes code with the privileges of the process, enabling local privilege escalation when run with elevated rights. | ||||
| CVE-2025-5471 | 2 Apple, Yandex | 2 Macos, Yandex Telemost | 2025-12-10 | N/A |
| Uncontrolled Search Path Element vulnerability in Yandex Telemost on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.19.1. | ||||
| CVE-2025-5470 | 2 Apple, Yandex | 2 Macos, Disk | 2025-12-10 | N/A |
| Uncontrolled Search Path Element vulnerability in Yandex Disk on MacOS allows Search Order Hijacking.This issue affects Disk: before 3.2.45.3275. | ||||
| CVE-2025-5469 | 2 Apple, Yandex | 2 Macos, Messenger | 2025-12-10 | N/A |
| Uncontrolled Search Path Element vulnerability in Yandex Messenger on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.245 | ||||
| CVE-2025-30033 | 2025-12-09 | 7.8 High | ||
| The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component. | ||||
| CVE-2022-27595 | 1 Qnap | 1 Qvpn | 2025-12-08 | 7.8 High |
| An insecure library loading vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local attackers who have gained user access to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QVPN Windows 2.0.0.1316 and later QVPN Windows 2.0.0.1310 and later | ||||
| CVE-2025-66476 | 2 Microsoft, Vim | 2 Windows, Vim | 2025-12-05 | 7.8 High |
| Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves external commands by searching the current working directory before system paths. When Vim invokes tools such as findstr for :grep, external commands or filters via :!, or compiler/:make commands, it may inadvertently run a malicious executable present in the same directory as the file being edited. The issue affects Vim for Windows prior to version 9.1.1947. | ||||
| CVE-2025-32919 | 2 Checkmk, Microsoft | 2 Checkmk, Windows | 2025-12-04 | 7.8 High |
| Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from 2.2.0 before 2.2.0p46, and all versions of 2.1.0 (EOL). | ||||
| CVE-2025-33208 | 1 Nvidia | 1 Tao | 2025-12-04 | 8.8 High |
| NVIDIA TAO contains a vulnerability where an attacker may cause a resource to be loaded via an uncontrolled search path. A successful exploit of this vulnerability may lead to escalation of privileges, data tampering, denial of service, information disclosure. | ||||
| CVE-2024-27303 | 2 Electron, Microsoft | 2 Electron-builder, Windows | 2025-12-03 | 7.3 High |
| electron-builder is a solution to package and build a ready for distribution Electron, Proton Native app for macOS, Windows and Linux. A vulnerability that only affects eletron-builder prior to 24.13.2 in Windows, the NSIS installer makes a system call to open cmd.exe via NSExec in the `.nsh` installer script. NSExec by default searches the current directory of where the installer is located before searching `PATH`. This means that if an attacker can place a malicious executable file named cmd.exe in the same folder as the installer, the installer will run the malicious file. Version 24.13.2 fixes this issue. No known workaround exists. The code executes at the installer-level before the app is present on the system, so there's no way to check if it exists in a current installer. | ||||