Total
866 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-27298 | 1 Intel | 1 Wake Up Latency Tracer | 2025-01-24 | 8.8 High |
| Uncontrolled search path in the WULT software maintained by Intel(R) before version 1.0.0 (commit id 592300b) may allow an unauthenticated user to potentially enable escalation of privilege via network access. | ||||
| CVE-2022-27180 | 1 Intel | 1 Maccpuid | 2025-01-24 | 4.2 Medium |
| Uncontrolled search path in the Intel(R) MacCPUID software before version 3.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-38101 | 1 Intel | 3 Iflashv, Nuc 8 Rugged Kit Nuc8cchkr, Nuc Board Nuc8cchb | 2025-01-24 | 6.7 Medium |
| Uncontrolled search path in some Intel(R) NUC Chaco Canyon BIOS update software before version iFlashV Windows 5.13.00.2105 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-32576 | 1 Intel | 1 Unite | 2025-01-24 | 6.7 Medium |
| Uncontrolled search path in the Intel(R) Unite(R) Plugin SDK before version 4.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-22355 | 1 Intel | 29 Advisor, Cpu Runtime, Distribution For Python and 26 more | 2025-01-24 | 6.7 Medium |
| Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-31197 | 1 Intel | 1 Trace Analyzer And Collector | 2025-01-24 | 6.7 Medium |
| Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-21861 | 1 Intel | 1 Graphics Performance Analyzers Framework | 2025-01-23 | 6.7 Medium |
| Uncontrolled search path in some Intel(R) GPA Framework software before version 2023.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-21788 | 1 Intel | 1 Graphics Performance Analyzers | 2025-01-23 | 6.7 Medium |
| Uncontrolled search path in some Intel(R) GPA software before version 2023.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-41961 | 1 Intel | 1 Graphics Performance Analyzers | 2025-01-23 | 6.7 Medium |
| Uncontrolled search path in some Intel(R) GPA software before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-35192 | 1 Intel | 2 Graphics Performance Analyzer, Graphics Performance Analyzers Framework | 2025-01-23 | 6.7 Medium |
| Uncontrolled search path in some Intel(R) GPA Framework software before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-0898 | 1 Ge | 1 Micom S1 Agile | 2025-01-16 | 5.3 Medium |
| General Electric MiCOM S1 Agile is vulnerable to an attacker achieving code execution by placing malicious DLL files in the directory of the application. | ||||
| CVE-2023-0142 | 1 Synology | 3 Diskstation Manager, Diskstation Manager Unified Controller, Router Manager | 2025-01-14 | 6.5 Medium |
| Uncontrolled search path element vulnerability in Backup Management functionality in Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.0.1-42218-7 and 7.1-42661 allows remote authenticated users with administrator privileges to read or write arbitrary files via unspecified vectors. | ||||
| CVE-2025-0069 | 2025-01-14 | 7.8 High | ||
| Due to DLL injection vulnerability in SAPSetup, an attacker with either local user privileges or with access to a compromised corporate user�s Windows account could gain higher privileges. With this, he could move laterally within the network and further compromise the active directory of a company. This leads to high impact on confidentiality, integrity and availability of the Windows server. | ||||
| CVE-2024-7886 | 1 Scootersoftware | 1 Beyond Compare | 2025-01-10 | 7.8 High |
| A vulnerability has been found in Scooter Software Beyond Compare up to 3.3.5.15075 and classified as critical. Affected by this vulnerability is an unknown functionality in the library 7zxa.dll. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The real existence of this vulnerability is still doubted at the moment. The vendor explains that a system must be breached before exploiting this issue. They are not planning on making any changes to address it. | ||||
| CVE-2023-28080 | 1 Dell | 1 Powerpath | 2025-01-10 | 6.7 Medium |
| PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains DLL Hijacking Vulnerabilities. A regular user (non-admin) can exploit these issues to potentially escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM. | ||||
| CVE-2024-37130 | 1 Dell | 1 Openmanage Server Administrator | 2025-01-09 | 7.3 High |
| Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a Local Privilege Escalation vulnerability via XSL Hijacking. A local low-privileged malicious user could potentially exploit this vulnerability and escalate their privilege to the admin user and gain full control of the machine. Exploitation may lead to a complete system compromise. | ||||
| CVE-2024-30376 | 2 Famatech, Radmin | 2 Advanced Ip Scanner, Advanced Ip Scanner | 2025-01-09 | 7.3 High |
| Famatech Advanced IP Scanner Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Famatech Advanced IP Scanner. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the application's use of Qt. The application loads Qt plugins from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of an administrator. Was ZDI-CAN-20768. | ||||
| CVE-2023-0976 | 2 Apple, Trellix | 2 Macos, Agent | 2025-01-06 | 6.3 Medium |
| A command Injection Vulnerability in TA for mac-OS prior to version 5.7.9 allows local users to place an arbitrary file into the /Library/Trellix/Agent/bin/ folder. The malicious file is executed by running the TA deployment feature located in the System Tree. | ||||
| CVE-2024-55543 | 2025-01-02 | N/A | ||
| Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169. | ||||
| CVE-2024-55540 | 2025-01-02 | N/A | ||
| Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169. | ||||