Search Results (607 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-10865 1 Hitachi-solutions 1 Confidential File Decryption 2025-04-20 N/A
Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10863.
CVE-2017-10887 2 Bookwalker, Microsoft 2 Book Walker, Windows 2025-04-20 N/A
Untrusted search path vulnerability in BOOK WALKER for Windows Ver.1.2.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-11157 2 Microsoft, Synology 2 Windows, Cloud Station Backup 2025-04-20 N/A
Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Backup before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.
CVE-2017-11158 2 Microsoft, Synology 2 Windows, Cloud Station Drive 2025-04-20 N/A
Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.
CVE-2017-11159 2 Microsoft, Synology 2 Windows, Photo Station Uploader 2025-04-20 N/A
Multiple untrusted search path vulnerabilities in installer in Synology Photo Station Uploader before 1.4.2-084 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.
CVE-2017-12252 1 Cisco 1 Findit Network Discovery Utility 2025-04-20 N/A
A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to device availability, confidentiality, and integrity. The vulnerability is due to the application loading a malicious copy of a specific, nondefined DLL file instead of the DLL file it was expecting. An attacker could exploit this vulnerability by placing an affected DLL within the search path of the host system. An exploit could allow the attacker to load a malicious DLL file into the system, thus partially compromising confidentiality, integrity, and availability on the device. Cisco Bug IDs: CSCve89785.
CVE-2017-3007 2 Adobe, Microsoft 2 Creative Cloud, Windows 2025-04-20 N/A
Adobe Thor versions 3.9.5.353 and earlier have a vulnerability in the directory search path used to find resources, related to Creative Cloud desktop applications.
CVE-2017-5232 1 Rapid7 1 Nexpose 2025-04-20 N/A
All editions of Rapid7 Nexpose installers prior to version 6.4.24 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer.
CVE-2017-7642 1 Hashicorp 1 Vagrant Vmware Fusion 2025-04-20 N/A
The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.21 allows local users to gain root privileges by leveraging failure to verify the path to the encoded ruby script or scrub the PATH variable.
CVE-2017-10909 1 Sony 1 Music Center 2025-04-20 N/A
Untrusted search path vulnerability in Music Center for PC version 1.0.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-10829 1 Ntt 1 Enkaku Support Tool 2025-04-20 N/A
Untrusted search path vulnerability in Remote Support Tool (Enkaku Support Tool) All versions distributed through the website till 2017 August 10 allow an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-10828 1 Ntt 1 Flets Install Tool 2025-04-20 N/A
Untrusted search path vulnerability in Flets Install Tool all versions distributed through the website till 2017 August 8 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-10827 1 Ntt 1 Flets Azukuu Pc Automatic Backup Tool 2025-04-20 N/A
Untrusted search path vulnerability in Flets Azukeru for Windows Auto Backup Tool v1.0.3.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-2108 1 Softbank 1 Primedrive Desktop Application 2025-04-20 N/A
Untrusted search path vulnerability in PrimeDrive Desktop Application 1.4.3 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-2209 1 Santeikohyo 1 Installer Of Houkokusyo Sakusei Shien Tool 2025-04-20 N/A
Untrusted search path vulnerability in the installer of Houkokusyo Sakusei Shien Tool ver3.0.2 (For the first installation) (The version which was available on the website from 2017 April 4 to 2017 May 18) and ver2.0 and later (For the first installation) (The versions which were available on the website prior to 2017 April 4) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-10825 1 Flets-w 1 Flets Easy Setup Tool 2025-04-20 N/A
Untrusted search path vulnerability in Installer of Flets Easy Setup Tool Ver1.2.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-10812 1 Nttdocomo 1 Photo Collection Pc Software 2025-04-20 N/A
Untrusted search path vulnerability in Photo Collection PC Software Ver.4.0.2 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-10836 1 Optim 1 Optimal Guard 2025-04-20 N/A
Untrusted search path vulnerability in Optimal Guard 1.1.21 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-10891 1 Sony 1 Media Go 2025-04-20 N/A
Untrusted search path vulnerability in Media Go version 3.2.0.191 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2017-10826 1 Ntt 1 Security Kinou Mihariban 2025-04-20 N/A
Untrusted search path vulnerability in Security Kinou Mihariban v1.0.21 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.