Total
604 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-2167 | 1 Softbank | 1 Primedrive Desktop Application | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Installer for PrimeDrive Desktop Application version 1.4.4 and earlier allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory. | ||||
| CVE-2017-2175 | 1 Ipa | 1 Empirical Project Monitor - Extended | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Empirical Project Monitor - eXtended all versions allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-12414 | 1 Pcfreetime | 1 Format Factory | 2025-04-20 | N/A |
| Format Factory 4.1.0 has a DLL Hijacking Vulnerability because an untrusted search path is used for msimg32.dll, WindowsCodecs.dll, and dwmapi.dll. | ||||
| CVE-2017-2178 | 1 Atla | 1 Electronic Tendering And Bid Opening System | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-2212 | 1 Gsi | 1 Tky2jgd | 2025-04-20 | N/A |
| Untrusted search path vulnerability in TKY2JGD (TKY2JGD1379.EXE) ver. 1.3.79 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-2213 | 1 Gsi | 1 Semidynaexe | 2025-04-20 | N/A |
| Untrusted search path vulnerability in SemiDynaEXE (SemiDynaEXE2008.EXE) ver. 1.0.2 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-11657 | 1 Dashlane | 1 Dashlane | 2025-04-20 | 7.3 High |
| Dashlane might allow local users to gain privileges by placing a Trojan horse WINHTTP.dll in the %APPDATA%\Dashlane directory. | ||||
| CVE-2017-2271 | 1 Hibara | 1 Attachecase | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Self-extracting encrypted files created by AttacheCase ver.2.8.3.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-1144 | 1 Ibm | 2 Integration Bus, Websphere Message Broker | 2025-04-20 | N/A |
| IBM WebSphere Message Broker could allow a local user with specialized access to prevent the message broker from starting. IBM X-Force ID: 122033. | ||||
| CVE-2017-11158 | 2 Microsoft, Synology | 2 Windows, Cloud Station Drive | 2025-04-20 | N/A |
| Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory. | ||||
| CVE-2017-5236 | 1 Rapid7 | 1 Appspider Pro | 2025-04-20 | N/A |
| Editions of Rapid7 AppSpider Pro installers prior to version 6.14.060 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | ||||
| CVE-2017-10893 | 1 J-lis | 1 The Public Certification Service For Individuals | 2025-04-20 | N/A |
| Untrusted search path vulnerability in The Public Certification Service for Individuals "The JPKI user's software" Ver3.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-10887 | 2 Bookwalker, Microsoft | 2 Book Walker, Windows | 2025-04-20 | N/A |
| Untrusted search path vulnerability in BOOK WALKER for Windows Ver.1.2.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-6768 | 1 Cisco | 1 Application Policy Infrastructure Controller | 2025-04-20 | N/A |
| A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local attacker to gain root-level privileges. The vulnerability is due to a custom executable system file that was built to use relative search paths for libraries without properly validating the library to be loaded. An attacker could exploit this vulnerability by authenticating to the device and loading a malicious library that can escalate the privilege level. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device. The attacker must have valid user credentials to log in to the device. Cisco Bug IDs: CSCvc96087. Known Affected Releases: 1.1(0.920a), 1.1(1j), 1.1(3f); 1.2 Base, 1.2(2), 1.2(3), 1.2.2; 1.3(1), 1.3(2), 1.3(2f); 2.0 Base, 2.0(1). | ||||
| CVE-2017-10864 | 1 Hitachi-solutions | 1 Confidential File Viewer | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Installer of HIBUN Confidential File Viewer prior to 11.20.0001 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-10863 | 1 Hitachi-solutions | 1 Confidential File Decryption | 2025-04-20 | N/A |
| Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10865. | ||||
| CVE-2017-10859 | 1 Daj | 1 I-filter Installer | 2025-04-20 | N/A |
| Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-10858 | 1 Daj | 1 I-filter Installer | 2025-04-20 | N/A |
| Untrusted search path vulnerability in "i-filter 6.0 install program" file version 1.0.8.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-16690 | 1 Sap | 1 Plant Connectivity | 2025-04-20 | N/A |
| A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. It is possible that SAPSetup / NwSapSetup.exe loads system DLLs like DWMAPI.dll (located in your Syswow64 / System32 folder) from the folder the executable is in and not from the system location. The desired behavior is that system dlls are only loaded from the system folders. If a dll with the same name as the system dll is located in the same folder as the executable, this dll is loaded and code is executed. | ||||
| CVE-2017-10851 | 2 Fujixerox, Microsoft | 2 Contentsbridge Utility, Windows | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Installer for ContentsBridge Utility for Windows 7.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||