ReportizFlow
Filtered by vendor
Subscriptions
Total
1140 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-30248 | 1 Westerndigital | 1 Wd Discovery | 2026-04-15 | N/A |
| DLL hijacking in the WD Discovery Installer in Western Digital WD Discovery 5.2.730 on Windows allows a local attacker to execute arbitrary code via placement of a crafted dll in the installer's search path. | ||||
| CVE-2024-21843 | 2026-04-15 | 6.7 Medium | ||
| Uncontrolled search path for some Intel(R) Computing Improvement Program software before version 2.4.0.10654 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-30506 | 1 Intel | 1 Driver\&support Assistant | 2026-04-15 | 6.7 Medium |
| Uncontrolled search path for some Intel Driver and Support Assistant before version 25.2 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | ||||
| CVE-2024-9490 | 2026-04-15 | 8.6 High | ||
| DLL hijacking vulnerabilities, caused by an uncontrolled search path in Silicon Labs (8-bit) IDE installer can lead to privilege escalation and arbitrary code execution when running the impacted installer. | ||||
| CVE-2024-33581 | 1 Lenovo | 1 Pcmanager | 2026-04-15 | 7.8 High |
| A DLL hijack vulnerability was reported in Lenovo PC Manager AI intelligent scenario that could allow a local attacker to execute code with elevated privileges. | ||||
| CVE-2024-9495 | 2026-04-15 | 8.6 High | ||
| DLL hijacking vulnerabilities, caused by an uncontrolled search path in the CP210x VCP Windows installer can lead to privilege escalation and arbitrary code execution when running the impacted installer. | ||||
| CVE-2025-20065 | 2 Intel, Microsoft | 2 Display Virtualization, Windows | 2026-04-15 | 6.7 Medium |
| Uncontrolled search path for some Display Virtualization for Windows OS software before version 1797 within Ring 2: Device Drivers may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | ||||
| CVE-2024-33582 | 1 Lenovo | 1 Service Framework | 2026-04-15 | 7.8 High |
| A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges. | ||||
| CVE-2025-60749 | 1 Trimble | 1 Sketchup | 2026-04-15 | 7.8 High |
| DLL Hijacking vulnerability in Trimble SketchUp desktop 2025 via crafted libcef.dll used by sketchup_webhelper.exe. | ||||
| CVE-2025-31931 | 1 Intel | 1 Itt Api | 2026-04-15 | 6.7 Medium |
| Uncontrolled search path for the Instrumentation and Tracing Technology API (ITT API) software before version 3.25.4 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | ||||
| CVE-2024-2207 | 1 Hewlett Packard Enterprise | 1 Sound Research Secomn64 Driver | 2026-04-15 | 6 Medium |
| Potential vulnerabilities have been identified in the audio package for certain HP PC products using the Sound Research SECOMN64 driver, which might allow escalation of privilege. Sound Research has released driver updates to mitigate the potential vulnerabilities. | ||||
| CVE-2025-40827 | 1 Siemens | 2 Software Center, Solid Edge Se2025 | 2026-04-15 | 7.8 High |
| A vulnerability has been identified in Siemens Software Center (All versions < V3.5), Solid Edge SE2025 (All versions < V225.0 Update 10). The affected application is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system. | ||||
| CVE-2024-2208 | 1 Hewlett Packard Enterprise | 1 Sound Research Secomn64 Driver | 2026-04-15 | 8.8 High |
| Potential vulnerabilities have been identified in the audio package for certain HP PC products using the Sound Research SECOMN64 driver, which might allow escalation of privilege. Sound Research has released driver updates to mitigate the potential vulnerabilities. | ||||
| CVE-2024-34016 | 1 Acronis | 1 Cyber Protect Cloud Agent | 2026-04-15 | N/A |
| Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 38235. | ||||
| CVE-2025-44021 | 1 Openstack | 1 Ironic | 2026-04-15 | 2.8 Low |
| OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling (if a deployment was performed via the API). A malicious project assigned as a node owner can provide a path to any local file (readable by ironic-conductor), which may then be written to the target node disk. This is difficult to exploit in practice, because a node deployed in this manner should never reach the ACTIVE state, but it still represents a danger in environments running with non-default, insecure configurations such as with automated cleaning disabled. The fixed versions are 24.1.3, 26.1.1, and 29.0.1. | ||||
| CVE-2024-34028 | 1 Intel | 1 Graphics Offline Compiler For Opencl Code Software | 2026-04-15 | 6.7 Medium |
| Uncontrolled search path in some Intel(R) Graphics Offline Compiler for OpenCL(TM) Code software for Windows before version 2024.1.0.142, graphics driver 31.0.101.5445 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-1729 | 2026-04-15 | 6.7 Medium | ||
| A DLL hijacking vulnerability was reported in TrackPoint Quick Menu software that, under certain conditions, could allow a local attacker to escalate privileges. | ||||
| CVE-2024-34167 | 1 Intel | 1 Server Board S2600st Firmware | 2026-04-15 | 6.7 Medium |
| Uncontrolled search path for the Intel(R) Server Board S2600ST Family BIOS and Firmware Update software all versions may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-22167 | 2026-04-15 | 7.9 High | ||
| A potential DLL hijacking vulnerability in the SanDisk PrivateAccess application for Windows that could lead to arbitrary code execution in the context of the system user. This vulnerability is only exploitable locally if an attacker has access to a copy of the user's vault or has already gained access into a user's system. This attack is limited to the system in context and cannot be propagated. | ||||
| CVE-2024-36283 | 2026-04-15 | 6.7 Medium | ||
| Uncontrolled search path for the Intel(R) Thread Director Visualizer software before version 1.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||