CWE:
 

Sorry. No results for Bugtraq WLB2


CVEMAP Search Results

CVE
Details
Description
2019-10-07
Medium
CVE-2019-3745

Vendor: DELL
Software: Encryption
 

 
The vulnerability is limited to the installers of Dell Encryption Enterprise versions prior to 10.4.0 and Dell Endpoint Security Suite Enterprise versions prior to 2.4.0. This issue is exploitable only during the installation of the product by an administrator. A local authenticated low privileged user potentially could exploit this vulnerability by staging a malicious DLL in the search path of the installer prior to its execution by a local administrator. This would cause loading of the malicious DLL, which would allow the attacker to execute arbitrary code in the context of an administrator.

 
2019-10-02
Medium
CVE-2019-16407

Vendor: Jetbrains
Software: Resharper
 

 
JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability.

 
2019-10-01
Medium
CVE-2019-14960

Vendor: Jetbrains
Software: Rider
 

 
JetBrains Rider before 2019.1.2 was using an unsigned JetBrains.Rider.Unity.Editor.Plugin.Repacked.dll file.

 
2019-09-24
Medium
CVE-2019-13357

Vendor: Totaldefense
Software: Anti-virus
 

 
In Total Defense Anti-virus 9.0.0.773, resource acquisition from the untrusted search path C:\ used by caschelp.exe allows local attackers to hijack ccGUIFrm.dll, which leads to code execution. SYSTEM-level code execution can be achieved when the ccSchedulerSVC service runs the affected executable.

 
2019-09-17
Medium
CVE-2019-6826

Vendor: Schneider-electric
Software: Somachine hvac
 

 
A CWE-426: Untrusted Search Path vulnerability exists in SoMachine HVAC v2.4.1 and earlier versions, which could cause arbitrary code execution on the system running SoMachine HVAC when a malicious DLL library is loaded by the product.

 
2019-09-13
Medium
CVE-2019-3646

Vendor: Mcafee
Software: Total protection
 

 
DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Free Antivirus Trial 16.0.R18 and earlier allows local users to execute arbitrary code via execution from a compromised folder placed by an attacker with administrator rights.

 
2019-09-12
Medium
CVE-2019-8076

Vendor: Adobe
Software: Application ...
 

 
Adobe application manager installer version 10.0 have an Insecure Library Loading (DLL hijacking) vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.

 
2019-08-29
Medium
CVE-2019-8461

Vendor: Checkpoint
Software: Endpoint sec...
 

 
Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with write permissions to the user.

 
2019-08-23
Medium
CVE-2019-7362

Vendor: Autodesk
Software: Design review
 

 
DLL preloading vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a DLL preloading vulnerability, which may result in code execution.

 
2019-08-21
Medium
CVE-2019-14686

Vendor: Trendmicro
Software: Antivirus + ...
 

 
A DLL hijacking vulnerability exists in the Trend Micro Security's 2019 consumer family of products (v15) Folder Shield component and the standalone Trend Micro Ransom Buster (1.0) tool in which, if exploited, would allow an attacker to load a malicious DLL, leading to elevated privileges.

 

 


Copyright 2019, cxsecurity.com

 

Back to Top