Total
473 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-35260 | 2024-07-25 | N/A | 8.0 HIGH | ||
| An authenticated attacker can exploit an Untrusted Search Path vulnerability in Microsoft Dataverse to execute code over a network. | |||||
| CVE-2024-34123 | 2024-07-11 | N/A | 7.0 HIGH | ||
| Premiere Pro versions 23.6.5, 24.4.1 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious file into the search path, which the application might execute instead of the legitimate file. This could occur when the application uses a search path to locate executables or libraries. Exploitation of this issue requires user interaction, attack complexity is high. | |||||
| CVE-2024-36071 | 2024-07-03 | N/A | 6.3 MEDIUM | ||
| Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the directory and DLL files used during the installation process. This occurs because of an Untrusted Search Path. | |||||
| CVE-2021-28246 | 1 Broadcom | 1 Ehealth | 2024-07-03 | 4.4 MEDIUM | 7.8 HIGH |
| CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. A regular user must create a malicious library in the writable RPATH, to be dynamically linked when the emtgtctl2 executable is run. The code in the library will be executed as the ehealth user. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | |||||
| CVE-2022-22047 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2024-06-28 | 7.2 HIGH | 7.8 HIGH |
| Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | |||||
| CVE-2024-30100 | 1 Microsoft | 1 Sharepoint Server | 2024-06-20 | N/A | 7.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||
| CVE-2019-17449 | 1 Avira | 1 Software Updater | 2024-06-11 | 4.6 MEDIUM | 6.7 MEDIUM |
| Avira Software Updater before 2.0.6.21094 allows a DLL side-loading attack. NOTE: The vendor thinks that this vulnerability is invalid because exploiting it would require at least administrator privileges and would gain only SYSTEM privileges | |||||
| CVE-2023-35343 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2024-05-29 | N/A | 7.8 HIGH |
| Windows Geolocation Service Remote Code Execution Vulnerability | |||||
| CVE-2023-21764 | 1 Microsoft | 1 Exchange Server | 2024-05-29 | N/A | 7.8 HIGH |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | |||||
| CVE-2023-21763 | 1 Microsoft | 1 Exchange Server | 2024-05-29 | N/A | 7.8 HIGH |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | |||||
| CVE-2023-41766 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-05-29 | N/A | 7.8 HIGH |
| Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | |||||
| CVE-2023-36898 | 1 Microsoft | 2 Windows 11 21h2, Windows 11 22h2 | 2024-05-29 | N/A | 7.8 HIGH |
| Tablet Windows User Interface Application Core Remote Code Execution Vulnerability | |||||
| CVE-2023-36780 | 1 Microsoft | 1 Skype For Business Server | 2024-05-29 | N/A | 7.2 HIGH |
| Skype for Business Remote Code Execution Vulnerability | |||||
| CVE-2023-36778 | 1 Microsoft | 1 Exchange Server | 2024-05-29 | N/A | 8.0 HIGH |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2023-36422 | 1 Microsoft | 1 Windows Defender | 2024-05-29 | N/A | 7.8 HIGH |
| Microsoft Windows Defender Elevation of Privilege Vulnerability | |||||
| CVE-2023-36393 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-05-29 | N/A | 7.8 HIGH |
| Windows User Interface Application Core Remote Code Execution Vulnerability | |||||
| CVE-2023-36003 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2024-05-29 | N/A | 7.3 HIGH |
| XAML Diagnostics Elevation of Privilege Vulnerability | |||||
| CVE-2024-26198 | 2024-05-29 | N/A | 8.8 HIGH | ||
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2024-21435 | 2024-05-29 | N/A | 8.8 HIGH | ||
| Windows OLE Remote Code Execution Vulnerability | |||||
| CVE-2024-21325 | 1 Microsoft | 1 Printer Metadata Troubleshooter Tool | 2024-05-29 | N/A | 7.8 HIGH |
| Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution Vulnerability | |||||