ReportizFlow
Filtered by vendor
Subscriptions
Total
815 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-7962 | 3 Adobe, Apple, Microsoft | 3 Illustrator Cc, Macos, Windows | 2024-11-21 | 7.8 High |
| Adobe Illustrator CC versions 23.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. | ||||
| CVE-2019-7961 | 1 Adobe | 1 Prelude Cc | 2024-11-21 | N/A |
| Adobe Prelude CC versions 8.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2019-7960 | 3 Adobe, Apple, Microsoft | 3 Animate Cc, Macos, Windows | 2024-11-21 | 7.8 High |
| Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. | ||||
| CVE-2019-7956 | 2 Adobe, Microsoft | 2 Dreamweaver, Windows | 2024-11-21 | N/A |
| Adobe Dreamweaver direct download installer versions 19.0 and below, 18.0 and below have an Insecure Library Loading (DLL hijacking) vulnerability. Successful exploitation could lead to Privilege Escalation in the context of the current user. | ||||
| CVE-2019-7931 | 1 Adobe | 1 Premiere Pro Cc | 2024-11-21 | N/A |
| Adobe Premiere Pro CC versions 13.1.2 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2019-7870 | 1 Adobe | 1 Character Animator | 2024-11-21 | N/A |
| Adobe Character Animator versions 2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2019-7653 | 3 Canonical, Debian, Rdflib Project | 3 Ubuntu Linux, Debian Linux, Rdflib | 2024-11-21 | 9.8 Critical |
| The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in this directory, as demonstrated by rdf2dot. This issue is specific to use of the debian/scripts directory. | ||||
| CVE-2019-7365 | 1 Autodesk | 1 Autodesk Desktop | 2024-11-21 | 7.8 High |
| DLL preloading vulnerability in Autodesk Desktop Application versions 7.0.16.29 and earlier. An attacker may trick a user into downloading a malicious DLL file into the working directory, which may then leverage a DLL preloading vulnerability and execute code on the system. | ||||
| CVE-2019-7364 | 1 Autodesk | 11 Advance Steel, Autocad, Autocad Architecture and 8 more | 2024-11-21 | N/A |
| DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An attacker may trick a user into opening a malicious DWG file that may leverage a DLL preloading vulnerability in AutoCAD which may result in code execution. | ||||
| CVE-2019-7362 | 1 Autodesk | 1 Design Review | 2024-11-21 | N/A |
| DLL preloading vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a DLL preloading vulnerability, which may result in code execution. | ||||
| CVE-2019-7093 | 2 Adobe, Microsoft | 2 Creative Cloud, Windows | 2024-11-21 | N/A |
| Creative Cloud Desktop Application (installer) versions 4.7.0.400 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. | ||||
| CVE-2019-6858 | 1 Schneider-electric | 1 Msx Configurator | 2024-11-21 | 7.8 High |
| A CWE-427:Uncontrolled Search Path Element vulnerability exists in MSX Configurator (Software Version prior to V1.0.8.1), which could cause privilege escalation when injecting a malicious DLL. | ||||
| CVE-2019-6825 | 1 Schneider-electric | 1 Proclima | 2024-11-21 | 7.8 High |
| A CWE-427: Uncontrolled Search Path Element vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow a malicious DLL file, with the same name of any resident DLLs inside the software installation, to execute arbitrary code in all versions of ProClima prior to version 8.0.0. | ||||
| CVE-2019-6692 | 1 Fortinet | 1 Forticlient | 2024-11-21 | 7.8 High |
| A malicious DLL preload vulnerability in Fortinet FortiClient for Windows 6.2.0 and below allows a privileged attacker to perform arbitrary code execution via forging that DLL. | ||||
| CVE-2019-6564 | 1 Ge | 1 Ge Communicator | 2024-11-21 | 7.8 High |
| GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to place malicious files within the installer file directory, which may allow an attacker to gain administrative privileges on a system during installation or upgrade. | ||||
| CVE-2019-6546 | 1 Ge | 1 Ge Communicator | 2024-11-21 | 7.8 High |
| GE Communicator, all versions prior to 4.0.517, allows an attacker to place malicious files within the working directory of the program, which may allow an attacker to manipulate widgets and UI elements. | ||||
| CVE-2019-6534 | 1 Gemalto | 1 Sentinel Ultrapro Client Library | 2024-11-21 | 7.8 High |
| The uncontrolled search path element vulnerability in Gemalto Sentinel UltraPro Client Library ux32w.dll Versions 1.3.0, 1.3.1, and 1.3.2 enables an attacker to load and execute a malicious file. | ||||
| CVE-2019-6333 | 1 Hp | 1 Touchpoint Analytics | 2024-11-21 | 6.7 Medium |
| A potential security vulnerability has been identified with certain versions of HP Touchpoint Analytics prior to version 4.1.4.2827. This vulnerability may allow a local attacker with administrative privileges to execute arbitrary code via an HP Touchpoint Analytics system service. | ||||
| CVE-2019-5701 | 1 Nvidia | 1 Geforce Experience | 2024-11-21 | 7.8 High |
| NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service, information disclosure, or escalation of privileges through code execution. | ||||
| CVE-2019-5695 | 2 Microsoft, Nvidia | 3 Windows, Geforce Experience, Gpu Driver | 2024-11-21 | 6.5 Medium |
| NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. | ||||