ReportizFlow
Filtered by vendor
Subscriptions
Total
815 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-28541 | 1 Samsung | 1 Update | 2024-11-21 | 5.9 Medium |
| Uncontrolled search path element vulnerability in Samsung Update prior to version 3.0.77.0 allows attackers to execute arbitrary code as Samsung Update permission. | ||||
| CVE-2022-28394 | 1 Trendmicro | 1 Password Manager | 2024-11-21 | 7.8 High |
| EOL Product CVE - Installer of Trend Micro Password Manager (Consumer) versions 3.7.0.1223 and below provided by Trend Micro Incorporated contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). Please note that this was reported on an EOL version of the product, and users are advised to upgrade to the latest supported version (5.x). | ||||
| CVE-2022-28247 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 6.7 Medium |
| Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an uncontrolled search path vulnerability that could lead to local privilege escalation. Exploitation of this issue requires user interaction in that a victim must run the uninstaller with Admin privileges. | ||||
| CVE-2022-28128 | 2 Hibara, Microsoft | 2 Attachecase, Windows | 2024-11-21 | 7.8 High |
| Untrusted search path vulnerability in AttacheCase ver.3.6.1.0 and earlier allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2022-27843 | 1 Samsung | 1 Kies | 2024-11-21 | 6.2 Medium |
| DLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 allows attacker to execute abitrary code. | ||||
| CVE-2022-27842 | 1 Samsung | 1 Smart Switch Pc | 2024-11-21 | 6.2 Medium |
| DLL hijacking vulnerability in Smart Switch PC prior to version 4.2.22022_4 allows attacker to execute abitrary code. | ||||
| CVE-2022-27638 | 1 Intel | 1 Advanced Link Analyzer | 2024-11-21 | 6.7 Medium |
| Uncontrolled search path element in the Intel(R) Advanced Link Analyzer Pro before version 22.2 and Standard edition software before version 22.1.1 STD may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-27187 | 1 Intel | 1 Quartus Prime | 2024-11-21 | 6.7 Medium |
| Uncontrolled search path element in the Intel(R) Quartus Prime Standard edition software before version 21.1 Patch 0.02std may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-27180 | 1 Intel | 1 Maccpuid | 2024-11-21 | 4.2 Medium |
| Uncontrolled search path in the Intel(R) MacCPUID software before version 3.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-26512 | 1 Intel | 1 Fpga Add-on | 2024-11-21 | 6.7 Medium |
| Uncontrolled search path element in the Intel(R) FPGA Add-on for Intel(R) oneAPI Base Toolkit before version 2022.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-26511 | 1 Kingsoft | 1 Wps Presentation | 2024-11-21 | 7.8 High |
| WPS Presentation 11.8.0.5745 insecurely load d3dx9_41.dll when opening .pps files('current directory type' DLL loading). | ||||
| CVE-2022-26425 | 1 Intel | 1 Oneapi Collective Communications Library | 2024-11-21 | 6.7 Medium |
| Uncontrolled search path element in the Intel(R) oneAPI Collective Communications Library (oneCCL) before version 2021.6 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-26421 | 1 Intel | 1 Oneapi Dpc\+\+\/c\+\+ Compiler Runtime | 2024-11-21 | 6.7 Medium |
| Uncontrolled search path element in the Intel(R) oneAPI DPC++/C++ Compiler Runtime before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-26374 | 1 Intel | 1 Single Event Api | 2024-11-21 | 7.8 High |
| Uncontrolled search path in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-26345 | 1 Intel | 1 Openmp | 2024-11-21 | 6.7 Medium |
| Uncontrolled search path element in the Intel(R) oneAPI Toolkit OpenMP before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-26337 | 1 Trendmicro | 1 Password Manager | 2024-11-21 | 7.8 High |
| Trend Micro Password Manager (Consumer) installer version 5.0.0.1262 and below is vulnerable to an Uncontrolled Search Path Element vulnerability that could allow an attacker to use a specially crafted file to exploit the vulnerability and escalate local privileges on the affected machine. | ||||
| CVE-2022-26319 | 1 Trendmicro | 1 Portable Security | 2024-11-21 | 6.5 Medium |
| An installer search patch element vulnerability in Trend Micro Portable Security 3.0 Pro, 3.0 and 2.0 could allow a local attacker to place an arbitrarily generated DLL file in an installer folder to elevate local privileges. Please note: an attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. | ||||
| CVE-2022-26086 | 1 Intel | 1 Gametechdev Presentmon | 2024-11-21 | 6.7 Medium |
| Uncontrolled search path element in the PresentMon software maintained by Intel(R) before version 1.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-26081 | 1 Kingsoft | 1 Wps Office | 2024-11-21 | 7.8 High |
| The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer. | ||||
| CVE-2022-26076 | 1 Intel | 1 Oneapi Deep Neural Network | 2024-11-21 | 6.7 Medium |
| Uncontrolled search path element in the Intel(R) oneAPI Deep Neural Network (oneDNN) before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||