Total
603 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-2983 | 1 Adobe | 1 Shockwave Player | 2025-04-20 | N/A |
| Adobe Shockwave versions 12.2.7.197 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to escalation of privilege. | ||||
| CVE-2017-2242 | 1 Ntt | 1 Flets Setsuzoku Tool | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Flets Setsuzoku Tool for Windows all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-5234 | 1 Rapid7 | 1 Insight Collector | 2025-04-20 | N/A |
| Rapid7 Insight Collector installers prior to version 1.0.16 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | ||||
| CVE-2017-2193 | 1 Tera Term Project | 1 Tera Term | 2025-04-20 | N/A |
| Untrusted search path vulnerability in the installer of Tera Term 4.94 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2015-8264 | 1 F-secure | 1 F-secure Online Scanner | 2025-04-20 | N/A |
| Untrusted search path vulnerability in F-Secure Online Scanner allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folder as F-SecureOnlineScanner.exe. | ||||
| CVE-2016-1417 | 1 Snort | 1 Snort | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse tcapi.dll that is located in the same folder on a remote file share as a pcap file that is being processed. | ||||
| CVE-2015-3887 | 1 Proxychains-ng Project | 1 Proxychains-ng | 2025-04-20 | N/A |
| Untrusted search path vulnerability in ProxyChains-NG before 4.9 allows local users to gain privileges via a Trojan horse libproxychains4.so library in the current working directory, which is referenced in the LD_PRELOAD path. | ||||
| CVE-2017-11748 | 1 Softonic | 1 Spider Player | 2025-04-20 | N/A |
| VIT Spider Player 2.5.3 has an untrusted search path, allowing DLL hijacking via a Trojan horse dwmapi.dll, olepro32.dll, dsound.dll, or AUDIOSES.dll file. | ||||
| CVE-2017-12480 | 1 Sandboxie | 1 Sandboxie Installer | 2025-04-20 | N/A |
| Sandboxie installer 5071703 has a DLL Hijacking or Unsafe DLL Loading Vulnerability via a Trojan horse dwmapi.dll or profapi.dll file in an AppData\Local\Temp directory. | ||||
| CVE-2017-6768 | 1 Cisco | 1 Application Policy Infrastructure Controller | 2025-04-20 | N/A |
| A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local attacker to gain root-level privileges. The vulnerability is due to a custom executable system file that was built to use relative search paths for libraries without properly validating the library to be loaded. An attacker could exploit this vulnerability by authenticating to the device and loading a malicious library that can escalate the privilege level. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device. The attacker must have valid user credentials to log in to the device. Cisco Bug IDs: CSCvc96087. Known Affected Releases: 1.1(0.920a), 1.1(1j), 1.1(3f); 1.2 Base, 1.2(2), 1.2(3), 1.2.2; 1.3(1), 1.3(2), 1.3(2f); 2.0 Base, 2.0(1). | ||||
| CVE-2017-2246 | 1 Chitora | 1 Lhaz | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Installer of Lhaz version 2.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-2157 | 1 Jpki | 1 The Public Certification Service For Individuals | 2025-04-20 | N/A |
| Untrusted search path vulnerability in installers for The Public Certification Service for Individuals "The JPKI user's software (for Windows 7 and later)" Ver3.1 and earlier, The Public Certification Service for Individuals "The JPKI user's software (for Windows Vista)", The Public Certification Service for Individuals "The JPKI user's software" Ver2.6 and earlier that were available until April 27, 2017 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-2212 | 1 Gsi | 1 Tky2jgd | 2025-04-20 | N/A |
| Untrusted search path vulnerability in TKY2JGD (TKY2JGD1379.EXE) ver. 1.3.79 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-8137 | 1 Huawei | 1 Hedex Lite | 2025-04-20 | N/A |
| HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path. An attacker could exploit this vulnerability to tamper with the DLL file, leading to DLL hijacking. | ||||
| CVE-2017-7642 | 1 Hashicorp | 1 Vagrant Vmware Fusion | 2025-04-20 | N/A |
| The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.21 allows local users to gain root privileges by leveraging failure to verify the path to the encoded ruby script or scrub the PATH variable. | ||||
| CVE-2017-6189 | 1 Amazon | 1 Kindle For Pc | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer. | ||||
| CVE-2017-11160 | 1 Synology | 1 Assistant | 2025-04-20 | N/A |
| Multiple untrusted search path vulnerabilities in installer in Synology Assistant before 6.1-15163 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory. | ||||
| CVE-2017-5233 | 1 Rapid7 | 1 Appspider Pro | 2025-04-20 | 7.8 High |
| Rapid7 AppSpider Pro installers prior to version 6.14.053 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | ||||
| CVE-2017-2266 | 1 Resume-next | 1 Filecapsule Deluxe Portable | 2025-04-20 | N/A |
| Untrusted search path vulnerability in Encrypted files in self-decryption format created by FileCapsule Deluxe Portable Ver.1.0.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2017-2265 | 1 Resume-next | 1 Filecapsule Deluxe Portable | 2025-04-20 | N/A |
| Untrusted search path vulnerability in FileCapsule Deluxe Portable Ver.1.0.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||