Total
882 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-28952 | 1 Intel | 1 Ipp Software | 2024-11-15 | 6.7 Medium |
| Uncontrolled search path for some Intel(R) IPP software for Windows before version 2021.12.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-47942 | 1 Siemens | 1 Solid Edge Se2024 | 2024-11-13 | 7.3 High |
| A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications suffer from a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system. | ||||
| CVE-2024-2207 | 1 Hewlett Packard Enterprise | 1 Sound Research Secomn64 Driver | 2024-11-13 | 6 Medium |
| Potential vulnerabilities have been identified in the audio package for certain HP PC products using the Sound Research SECOMN64 driver, which might allow escalation of privilege. Sound Research has released driver updates to mitigate the potential vulnerabilities. | ||||
| CVE-2024-2208 | 1 Hewlett Packard Enterprise | 1 Sound Research Secomn64 Driver | 2024-11-13 | 8.8 High |
| Potential vulnerabilities have been identified in the audio package for certain HP PC products using the Sound Research SECOMN64 driver, which might allow escalation of privilege. Sound Research has released driver updates to mitigate the potential vulnerabilities. | ||||
| CVE-2024-10093 | 2 Vso, Vso-software | 2 Convertxtodvd, Convertxtodvd | 2024-11-01 | 7.8 High |
| A vulnerability, which was classified as critical, was found in VSO ConvertXtoDvd 7.0.0.83. Affected is an unknown function in the library avcodec.dll of the file ConvertXtoDvd.exe. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-48605 | 1 Helakuru | 1 Helakuru | 2024-10-30 | 7.8 High |
| An issue in Helakuru Desktop Application v1.1 allows a local attacker to execute arbitrary code via the lack of proper validation of the wow64log.dll file. | ||||
| CVE-2024-50583 | 2024-10-25 | 6.3 Medium | ||
| Whale browser Installer before 3.1.0.0 allows an attacker to execute a malicious DLL in the user environment due to improper permission settings. | ||||
| CVE-2024-49390 | 1 Acronis | 1 Cyber Files | 2024-10-18 | 7.3 High |
| Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | ||||
| CVE-2024-49391 | 1 Acronis | 1 Cyber Files | 2024-10-18 | 7.3 High |
| Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | ||||
| CVE-2024-10068 | 1 Flashfxp | 1 Flashfxp | 2024-10-18 | 7.8 High |
| A vulnerability was found in OpenSight Software FlashFXP 5.4.0.3970. It has been classified as critical. Affected is an unknown function in the library libcrypto-1_1.dll of the file FlashFXP.exe. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-30117 | 1 Hcltech | 1 Bigfix Platform | 2024-10-17 | 2.5 Low |
| A dynamic search for a prerequisite library could allow the possibility for an attacker to replace the correct file under some circumstances. | ||||
| CVE-2024-4089 | 1 Lenovo | 1 Superfile | 2024-10-17 | 7.8 High |
| A DLL hijack vulnerability was reported in Lenovo Super File that could allow a local attacker to execute code with elevated privileges. | ||||
| CVE-2024-4130 | 1 Lenovo | 1 App Store | 2024-10-17 | 7.8 High |
| A DLL hijack vulnerability was reported in Lenovo App Store that could allow a local attacker to execute code with elevated privileges. | ||||
| CVE-2024-4131 | 1 Lenovo | 1 Emulator | 2024-10-17 | 7.8 High |
| A DLL hijack vulnerability was reported in Lenovo Emulator that could allow a local attacker to execute code with elevated privileges. | ||||
| CVE-2024-4132 | 1 Lenovo | 1 Lock Screen | 2024-10-17 | 7.8 High |
| A DLL hijack vulnerability was reported in Lenovo Lock Screen that could allow a local attacker to execute code with elevated privileges. | ||||
| CVE-2024-9046 | 1 Lenovo | 1 Starstudio | 2024-10-17 | 7.8 High |
| A DLL hijack vulnerability was reported in Lenovo stARstudio that could allow a local attacker to execute code with elevated privileges. | ||||
| CVE-2024-47194 | 1 Siemens | 2 Modelsim, Questa | 2024-10-16 | 6.7 Medium |
| A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). vish2.exe in affected applications allows a specific DLL file to be loaded from the current working directory. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch vish2.exe from a user-writable directory. | ||||
| CVE-2024-47195 | 1 Siemens | 2 Modelsim, Questa | 2024-10-16 | 6.7 Medium |
| A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). gdb.exe in affected applications allows a specific executable file to be loaded from the current working directory. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch gdb.exe from a user-writable directory. | ||||
| CVE-2024-47196 | 1 Siemens | 2 Modelsim, Questa | 2024-10-16 | 6.7 Medium |
| A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). vsimk.exe in affected applications allows a specific tcl file to be loaded from the current working directory. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch vsimk.exe from a user-writable directory. | ||||
| CVE-2024-33582 | 1 Lenovo | 1 Service Framework | 2024-10-15 | 7.8 High |
| A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges. | ||||