Total
563 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-11749 | 1 Internet-soft | 1 Ftp Commander | 2025-04-20 | 7.8 High |
| InternetSoft FTP Commander 8.02 and prior has an untrusted search path, allowing DLL hijacking via a Trojan horse dwmapi.dll file. | ||||
| CVE-2017-12313 | 1 Cisco | 1 Packet Tracer | 2025-04-20 | N/A |
| An untrusted search path (aka DLL Preload) vulnerability in the Cisco Network Academy Packet Tracer software could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes the installer in the current working directory where a crafted DLL has been placed by an attacker. The vulnerability is due to incomplete input validation of path and file names of a DLL file before it is loaded. An attacker could exploit this vulnerability by creating a malicious DLL file and installing it in a specific system directory. A successful exploit could allow the attacker to execute commands on the underlying Microsoft Windows host with privileges equivalent to the SYSTEM account. An attacker would need valid user credentials to exploit this vulnerability. | ||||
| CVE-2017-12414 | 1 Pcfreetime | 1 Format Factory | 2025-04-20 | N/A |
| Format Factory 4.1.0 has a DLL Hijacking Vulnerability because an untrusted search path is used for msimg32.dll, WindowsCodecs.dll, and dwmapi.dll. | ||||
| CVE-2017-2267 | 1 Resume-next | 1 Filecapsule Deluxe Portable | 2025-04-20 | N/A |
| Untrusted search path vulnerability in FileCapsule Deluxe Portable Ver.1.0.5.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-13070 | 1 Qnap | 1 Qsync | 2025-04-20 | N/A |
| A DLL Hijacking vulnerability in QNAP Qsync for Windows (exe) version 4.2.2.0724 and earlier could allow remote attackers to execute arbitrary code on Windows machines. | ||||
| CVE-2017-15566 | 1 Schedmd | 1 Slurm | 2025-04-20 | N/A |
| Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution. | ||||
| CVE-2017-17069 | 2 Amazon, Microsoft | 2 Audible, Windows | 2025-04-20 | N/A |
| ActiveSetupN.exe in Amazon Audible for Windows before November 2017 allows attackers to execute arbitrary DLL code if ActiveSetupN.exe is launched from a directory where an attacker has already created a Trojan horse dwmapi.dll file. | ||||
| CVE-2017-2268 | 1 Resume-next | 1 Filecapsule Deluxe Portable | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Encrypted files in self-decryption format created by FileCapsule Deluxe Portable Ver.1.0.5.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-17809 | 1 Goldenfrog | 1 Vyprvpn | 2025-04-20 | N/A |
| In Golden Frog VyprVPN before 2.15.0.5828 for macOS, the vyprvpnservice launch daemon has an unprotected XPC service that allows attackers to update the underlying OpenVPN configuration and the arguments passed to the OpenVPN binary when executed. An attacker can abuse this vulnerability by forcing the VyprVPN application to load a malicious dynamic library every time a new connection is made. | ||||
| CVE-2017-2212 | 1 Gsi | 1 Tky2jgd | 2025-04-20 | N/A |
| Untrusted search path vulnerability in TKY2JGD (TKY2JGD1379.EXE) ver. 1.3.79 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-2107 | 1 Akky | 1 7-zip32.dll | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Self-extracting archive files created by 7-ZIP32.DLL 9.22.00.01 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-2130 | 1 Securebrain | 1 Phishwall Client | 2025-04-20 | 7.8 High |
| Untrusted search path vulnerability in the installer of PhishWall Client Internet Explorer version Ver. 3.7.13 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-2156 | 1 Vivaldi | 1 Vivaldi Installer For Windows | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Vivaldi installer for Windows prior to version 1.7.735.48 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory. | ||||
| CVE-2017-2167 | 1 Softbank | 1 Primedrive Desktop Application | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Installer for PrimeDrive Desktop Application version 1.4.4 and earlier allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory. | ||||
| CVE-2017-2175 | 1 Ipa | 1 Empirical Project Monitor - Extended | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Empirical Project Monitor - eXtended all versions allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-2176 | 1 Jasdf | 1 Screensavers | 2025-04-20 | N/A |
| Untrusted search path vulnerability in screensaver installers (jasdf_01.exe, jasdf_02.exe, jasdf_03.exe, jasdf_04.exe, jasdf_05.exe, scramble_setup.exe, clock_01_setup.exe, clock_02_setup.exe) available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-10822 | 1 Enecho.meti | 1 Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30) distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-2178 | 1 Atla | 1 Electronic Tendering And Bid Opening System | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-2188 | 1 Maff | 1 Denshinouhin Check System | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Installer of Denshinouhin Check System (for Ministry of Agriculture, Forestry and Fisheries Nouson Seibi Jigyou) 2014 March Edition (Ver.9.0.001.001) [Updated on 2017 June 9], (Ver.8.0.001.001) [Updated on 2016 May 31] and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-10836 | 1 Optim | 1 Optimal Guard | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Optimal Guard 1.1.21 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||