Total
710 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-25143 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2023-03-15 | N/A | 9.8 CRITICAL |
| An uncontrolled search path element vulnerability in the Trend Micro Apex One Server installer could allow an attacker to achieve a remote code execution state on affected products. | |||||
| CVE-2023-23554 | 1 Sraoss | 1 Pg Ivm | 2023-03-14 | N/A | 8.8 HIGH |
| Uncontrolled search path element vulnerability exists in pg_ivm versions prior to 1.5.1. When refreshing an IMMV, pg_ivm executes functions without specifying schema names. Under certain conditions, pg_ivm may be tricked to execute unexpected functions from other schemas with the IMMV owner's privilege. If this vulnerability is exploited, an unexpected function provided by an attacker may be executed with the privilege of the materialized view owner. | |||||
| CVE-2022-37329 | 1 Intel | 2 Fpga Software Development Kit, Quartus Prime | 2023-03-06 | N/A | 7.3 HIGH |
| Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro and Standard Edition software may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-37340 | 1 Intel | 1 Quickassist Technology | 2023-03-06 | N/A | 7.3 HIGH |
| Uncontrolled search path in some Intel(R) QAT drivers for Windows before version 1.6 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-41314 | 1 Intel | 16 Administrative Tools For Intel Network Adapters, Ethernet Controller E810, Ethernet Network Adapter E810-cqda1 and 13 more | 2023-03-06 | N/A | 7.8 HIGH |
| Uncontrolled search path in some Intel(R) Network Adapter installer software may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-36398 | 1 Intel | 1 Battery Life Diagnostic Tool | 2023-03-02 | N/A | 7.8 HIGH |
| Uncontrolled search path in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-25905 | 1 Intel | 1 Oneapi Data Analytics Library | 2023-02-28 | N/A | 7.3 HIGH |
| Uncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-26052 | 1 Intel | 1 Mpi Library | 2023-02-28 | N/A | 7.3 HIGH |
| Uncontrolled search path element in the Intel(R) MPI Library before version 2021.6 for Intel(R) oneAPI HPC Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-26062 | 1 Intel | 1 Trace Analyzer And Collector | 2023-02-28 | N/A | 7.3 HIGH |
| Uncontrolled search path element in the Intel(R) Trace Analyzer and Collector before version 2021.6 for Intel(R) oneAPI HPC Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-26076 | 1 Intel | 1 Oneapi Deep Neural Network | 2023-02-28 | N/A | 7.3 HIGH |
| Uncontrolled search path element in the Intel(R) oneAPI Deep Neural Network (oneDNN) before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-26345 | 1 Intel | 1 Openmp | 2023-02-28 | N/A | 7.3 HIGH |
| Uncontrolled search path element in the Intel(R) oneAPI Toolkit OpenMP before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-26421 | 1 Intel | 1 Oneapi Dpc\+\+\/c\+\+ Compiler Runtime | 2023-02-28 | N/A | 7.3 HIGH |
| Uncontrolled search path element in the Intel(R) oneAPI DPC++/C++ Compiler Runtime before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-26425 | 1 Intel | 1 Oneapi Collective Communications Library | 2023-02-28 | N/A | 7.3 HIGH |
| Uncontrolled search path element in the Intel(R) oneAPI Collective Communications Library (oneCCL) before version 2021.6 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-26512 | 1 Intel | 1 Fpga Add-on | 2023-02-28 | N/A | 7.3 HIGH |
| Uncontrolled search path element in the Intel(R) FPGA Add-on for Intel(R) oneAPI Base Toolkit before version 2022.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-32972 | 1 Infoblox | 1 Bloxone Endpoint | 2023-02-25 | N/A | 7.8 HIGH |
| Infoblox BloxOne Endpoint for Windows through 2.2.7 allows DLL injection that can result in local privilege escalation. | |||||
| CVE-2022-48077 | 1 Genymotion | 1 Genymotion Desktop | 2023-02-21 | N/A | 7.8 HIGH |
| Genymotion Desktop v3.3.2 was discovered to contain a DLL hijacking vulnerability that allows attackers to escalate privileges and execute arbitrary code via a crafted DLL. | |||||
| CVE-2022-41141 | 1 Windscribe | 1 Windscribe | 2023-02-03 | N/A | 7.8 HIGH |
| This vulnerability allows local attackers to escalate privileges on affected installations of Windscribe. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-16859. | |||||
| CVE-2019-4473 | 1 Ibm | 1 Java | 2023-01-31 | 4.6 MEDIUM | 7.8 HIGH |
| Multiple binaries in IBM SDK, Java Technology Edition 7, 7R, and 8 on the AIX platform use insecure absolute RPATHs, which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 163984. | |||||
| CVE-2019-6564 | 1 Ge | 1 Ge Communicator | 2023-01-31 | 6.9 MEDIUM | 7.8 HIGH |
| GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to place malicious files within the installer file directory, which may allow an attacker to gain administrative privileges on a system during installation or upgrade. | |||||
| CVE-2019-6534 | 1 Gemalto | 1 Sentinel Ultrapro Client Library | 2023-01-31 | 6.8 MEDIUM | 7.8 HIGH |
| The uncontrolled search path element vulnerability in Gemalto Sentinel UltraPro Client Library ux32w.dll Versions 1.3.0, 1.3.1, and 1.3.2 enables an attacker to load and execute a malicious file. | |||||