CWE:
 

Sorry. No results for Bugtraq WLB2


CVEMAP Search Results

CVE
Details
Description
2019-09-17
Medium
CVE-2019-6826

Vendor: Schneider-electric
Software: Somachine hvac
 

 
A CWE-426: Untrusted Search Path vulnerability exists in SoMachine HVAC v2.4.1 and earlier versions, which could cause arbitrary code execution on the system running SoMachine HVAC when a malicious DLL library is loaded by the product.

 
2019-09-13
Medium
CVE-2019-3646

Vendor: Mcafee
Software: Total protection
 

 
DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Free Antivirus Trial 16.0.R18 and earlier allows local users to execute arbitrary code via execution from a compromised folder placed by an attacker with administrator rights.

 
2019-09-12
Medium
CVE-2019-8076

Vendor: Adobe
Software: Application ...
 

 
Adobe application manager installer version 10.0 have an Insecure Library Loading (DLL hijacking) vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.

 
2019-08-29
Medium
CVE-2019-8461

Vendor: Checkpoint
Software: Endpoint sec...
 

 
Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with write permissions to the user.

 
2019-08-23
Medium
CVE-2019-7362

Vendor: Autodesk
Software: Design review
 

 
DLL preloading vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a DLL preloading vulnerability, which may result in code execution.

 
2019-08-21
High
CVE-2019-15295

Updating...
 

 
An Untrusted Search Path vulnerability in the ServiceInstance.dll library versions 1.0.15.119 and lower, as used in Bitdefender Antivirus Free 2020 versions prior to 1.0.15.138, allows an attacker to load an arbitrary DLL file from the search path.

 
Medium
CVE-2019-14686

Vendor: Trendmicro
Software: Antivirus + ...
 

 
A DLL hijacking vulnerability exists in the Trend Micro Security's 2019 consumer family of products (v15) Folder Shield component and the standalone Trend Micro Ransom Buster (1.0) tool in which, if exploited, would allow an attacker to load a malicious DLL, leading to elevated privileges.

 
2019-08-20
Medium
CVE-2019-14687

Vendor: Trendmicro
Software: Password manager
 

 
A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service's process. This process is very similar, yet not identical to CVE-2019-14684.

 
High
CVE-2019-14684

Vendor: Trendmicro
Software: Password manager
 

 
A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service's process. This process is very similar, yet not identical to CVE-2019-14687.

 
2019-08-19
High
CVE-2019-5631

Vendor: Rapid7
Software: Insightappsec
 

 
The Rapid7 InsightAppSec broker suffers from a DLL injection vulnerability in the 'prunsrv.exe' component of the product. If exploited, a local user of the system (who must already be authenticated to the operating system) can elevate their privileges with this vulnerability to the privilege level of InsightAppSec (usually, SYSTEM). This issue affects version 2019.06.24 and prior versions of the product.

 

 


Copyright 2019, cxsecurity.com

 

Back to Top