Total
473 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-29482 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2023-11-07 | 4.9 MEDIUM | 6.0 MEDIUM |
| An issue was discovered in Xen through 4.14.x. A guest may access xenstore paths via absolute paths containing a full pathname, or via a relative path, which implicitly includes /local/domain/$DOMID for their own domain id. Management tools must access paths in guests' namespaces, necessarily using absolute paths. oxenstored imposes a pathname limit that is applied solely to the relative or absolute path specified by the client. Therefore, a guest can create paths in its own namespace which are too long for management tools to access. Depending on the toolstack in use, a malicious guest administrator might cause some management tools and debugging operations to fail. For example, a guest administrator can cause "xenstore-ls -r" to fail. However, a guest administrator cannot prevent the host administrator from tearing down the domain. All systems using oxenstored are vulnerable. Building and using oxenstored is the default in the upstream Xen distribution, if the Ocaml compiler is available. Systems using C xenstored are not vulnerable. | |||||
| CVE-2019-5429 | 3 Debian, Fedoraproject, Filezilla-project | 3 Debian Linux, Fedora, Filezilla Client | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory. | |||||
| CVE-2019-3648 | 1 Mcafee | 3 Anti-virus Plus, Internet Security, Total Protection | 2023-11-07 | 7.2 HIGH | 6.7 MEDIUM |
| A Privilege Escalation vulnerability in the Microsoft Windows client in McAfee Total Protection 16.0.R22 and earlier allows administrators to execute arbitrary code via carefully placing malicious files in specific locations protected by administrator permission. | |||||
| CVE-2019-3646 | 1 Mcafee | 1 Total Protection | 2023-11-07 | 6.0 MEDIUM | 6.5 MEDIUM |
| DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Free Antivirus Trial 16.0.R18 and earlier allows local users to execute arbitrary code via execution from a compromised folder placed by an attacker with administrator rights. | |||||
| CVE-2019-3587 | 2 Mcafee, Microsoft | 2 Total Protection, Windows | 2023-11-07 | 6.8 MEDIUM | 6.5 MEDIUM |
| DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Prior to 16.0.18 allows local users to execute arbitrary code via execution from a compromised folder. | |||||
| CVE-2019-11660 | 1 Microfocus | 1 Data Protector | 2023-11-07 | 7.2 HIGH | 7.8 HIGH |
| Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges. | |||||
| CVE-2018-6700 | 1 Mcafee | 1 True Key | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key (TK) before 5.1.165 allows local users to execute arbitrary code via specially crafted malware. | |||||
| CVE-2018-6661 | 2 Mcafee, Microsoft | 2 True Key, Windows | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee True Key before 4.20.110 allows local users to gain privilege elevation via not verifying a particular DLL file signature. | |||||
| CVE-2018-0601 | 1 Axpdfium Project | 1 Axpdfium | 2023-11-07 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in axpdfium v0.01 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-12480 | 1 Sandboxie | 1 Sandboxie Installer | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Sandboxie installer 5071703 has a DLL Hijacking or Unsafe DLL Loading Vulnerability via a Trojan horse dwmapi.dll or profapi.dll file in an AppData\Local\Temp directory. | |||||
| CVE-2008-5983 | 3 Canonical, Fedoraproject, Python | 3 Ubuntu Linux, Fedora, Python | 2023-11-07 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which might allow local users to execute arbitrary code via a Trojan horse Python file in the current working directory. | |||||
| CVE-2021-26738 | 1 Zscaler | 1 Client Connector | 2023-10-27 | N/A | 7.8 HIGH |
| Zscaler Client Connector for macOS prior to 3.7 had an unquoted search path vulnerability via the PATH variable. A local adversary may be able to execute code with root privileges. | |||||
| CVE-2022-26184 | 2 Microsoft, Python-poetry | 2 Windows, Poetry | 2023-10-23 | 7.5 HIGH | 9.8 CRITICAL |
| Poetry v1.1.9 and below was discovered to contain an untrusted search path which causes the application to behave in unexpected ways when users execute Poetry commands in a directory containing malicious content. This vulnerability occurs when the application is ran on Windows OS. | |||||
| CVE-2022-4883 | 1 X.org | 1 Libxpm | 2023-10-17 | N/A | 8.8 HIGH |
| A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH environment variable. | |||||
| CVE-2023-39201 | 1 Zoom | 1 Cleanzoom | 2023-09-16 | N/A | 6.7 MEDIUM |
| Untrusted search path in CleanZoom before file date 07/24/2023 may allow a privileged user to conduct an escalation of privilege via local access. | |||||
| CVE-2023-40590 | 1 Gitpython Project | 1 Gitpython | 2023-09-05 | N/A | 7.8 HIGH |
| GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the `git` command, if a user runs GitPython from a repo has a `git.exe` or `git` executable, that program will be run instead of the one in the user's `PATH`. This is more of a problem on how Python interacts with Windows systems, Linux and any other OS aren't affected by this. But probably people using GitPython usually run it from the CWD of a repo. An attacker can trick a user to download a repository with a malicious `git` executable, if the user runs/imports GitPython from that directory, it allows the attacker to run any arbitrary commands. There is no fix currently available for windows users, however there are a few mitigations. 1: Default to an absolute path for the git program on Windows, like `C:\\Program Files\\Git\\cmd\\git.EXE` (default git path installation). 2: Require users to set the `GIT_PYTHON_GIT_EXECUTABLE` environment variable on Windows systems. 3: Make this problem prominent in the documentation and advise users to never run GitPython from an untrusted repo, or set the `GIT_PYTHON_GIT_EXECUTABLE` env var to an absolute path. 4: Resolve the executable manually by only looking into the `PATH` environment variable. | |||||
| CVE-2023-29299 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2023-08-15 | N/A | 4.7 MEDIUM |
| Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Untrusted Search Path vulnerability that could lead to Application denial-of-service. An attacker could leverage this vulnerability if the default PowerShell Set-ExecutionPolicy is set to Unrestricted, making the attack complexity high. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-39212 | 1 Zoom | 1 Rooms | 2023-08-15 | N/A | 5.5 MEDIUM |
| Untrusted search path in Zoom Rooms for Windows before version 5.15.5 may allow an authenticated user to enable a denial of service via local access. | |||||
| CVE-2023-36540 | 1 Zoom | 1 Zoom | 2023-08-11 | N/A | 7.8 HIGH |
| Untrusted search path in the installer for Zoom Desktop Client for Windows before 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access. | |||||
| CVE-2021-36666 | 1 Druva | 1 Insync Client | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in Druva 6.9.0 for MacOS, allows attackers to gain escalated local privileges via the inSyncDecommission. | |||||