Total
592 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-2156 | 1 Vivaldi | 1 Vivaldi Installer For Windows | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Vivaldi installer for Windows prior to version 1.7.735.48 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory. | ||||
| CVE-2017-17010 | 1 Sony | 1 Content Manager Assistant | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Content Manager Assistant for PlayStation version 3.55.7671.0901 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-5232 | 1 Rapid7 | 1 Nexpose | 2025-04-20 | N/A |
| All editions of Rapid7 Nexpose installers prior to version 6.4.24 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | ||||
| CVE-2017-11397 | 1 Trendmicro | 1 Encryption For Email | 2025-04-20 | N/A |
| A service DLL preloading vulnerability in Trend Micro Encryption for Email versions 5.6 and below could allow an unauthenticated remote attacker to execute arbitrary code on a vulnerable system. | ||||
| CVE-2017-11157 | 2 Microsoft, Synology | 2 Windows, Cloud Station Backup | 2025-04-20 | N/A |
| Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Backup before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory. | ||||
| CVE-2017-2188 | 1 Maff | 1 Denshinouhin Check System | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Installer of Denshinouhin Check System (for Ministry of Agriculture, Forestry and Fisheries Nouson Seibi Jigyou) 2014 March Edition (Ver.9.0.001.001) [Updated on 2017 June 9], (Ver.8.0.001.001) [Updated on 2016 May 31] and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-10824 | 1 Teikoku Databank | 1 Type A | 2025-04-20 | N/A |
| Untrusted search path vulnerability in TDB CA TypeA use software Version 5.2 and earlier, distributed until 10 August 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-11742 | 2 Libexpat Project, Microsoft | 2 Libexpat, Windows | 2025-04-20 | N/A |
| The writeRandomBytes_RtlGenRandom function in xmlparse.c in libexpat in Expat 2.2.1 and 2.2.2 on Windows allows local users to gain privileges via a Trojan horse ADVAPI32.DLL in the current working directory because of an untrusted search path, aka DLL hijacking. | ||||
| CVE-2017-11749 | 1 Internet-soft | 1 Ftp Commander | 2025-04-20 | 7.8 High |
| InternetSoft FTP Commander 8.02 and prior has an untrusted search path, allowing DLL hijacking via a Trojan horse dwmapi.dll file. | ||||
| CVE-2017-10893 | 1 J-lis | 1 The Public Certification Service For Individuals | 2025-04-20 | N/A |
| Untrusted search path vulnerability in The Public Certification Service for Individuals "The JPKI user's software" Ver3.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-17809 | 1 Goldenfrog | 1 Vyprvpn | 2025-04-20 | N/A |
| In Golden Frog VyprVPN before 2.15.0.5828 for macOS, the vyprvpnservice launch daemon has an unprotected XPC service that allows attackers to update the underlying OpenVPN configuration and the arguments passed to the OpenVPN binary when executed. An attacker can abuse this vulnerability by forcing the VyprVPN application to load a malicious dynamic library every time a new connection is made. | ||||
| CVE-2017-11158 | 2 Microsoft, Synology | 2 Windows, Cloud Station Drive | 2025-04-20 | N/A |
| Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory. | ||||
| CVE-2017-10892 | 1 Sony | 1 Music Center | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Music Center for PC version 1.0.00 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-1144 | 1 Ibm | 2 Integration Bus, Websphere Message Broker | 2025-04-20 | N/A |
| IBM WebSphere Message Broker could allow a local user with specialized access to prevent the message broker from starting. IBM X-Force ID: 122033. | ||||
| CVE-2017-2249 | 1 Chitora | 1 Lhaz\+ | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Self-extracting archive files created by Lhaz+ version 3.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-10858 | 1 Daj | 1 I-filter Installer | 2025-04-20 | N/A |
| Untrusted search path vulnerability in "i-filter 6.0 install program" file version 1.0.8.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2016-7838 | 1 Winsparkle | 1 Winsparkle | 2025-04-20 | N/A |
| Untrusted search path vulnerability in WinSparkle versions prior to 0.5.3 allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory. | ||||
| CVE-2017-10859 | 1 Daj | 1 I-filter Installer | 2025-04-20 | N/A |
| Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-10865 | 1 Hitachi-solutions | 1 Confidential File Decryption | 2025-04-20 | N/A |
| Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10863. | ||||
| CVE-2017-10909 | 1 Sony | 1 Music Center | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Music Center for PC version 1.0.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||