Total
710 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-37130 | 2024-06-11 | N/A | 7.3 HIGH | ||
| Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a Local Privilege Escalation vulnerability via XSL Hijacking. A local low-privileged malicious user could potentially exploit this vulnerability and escalate their privilege to the admin user and gain full control of the machine. Exploitation may lead to a complete system compromise. | |||||
| CVE-2024-5509 | 2024-06-07 | N/A | 7.8 HIGH | ||
| Luxion KeyShot BIP File Parsing Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BIP files. The issue results from loading a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22738. | |||||
| CVE-2024-2637 | 2024-05-27 | N/A | 7.2 HIGH | ||
| An Uncontrolled Search Path Element vulnerability in B&R Industrial Automation Scene Viewer, B&R Industrial Automation Automation Runtime, B&R Industrial Automation mapp Vision, B&R Industrial Automation mapp View, B&R Industrial Automation mapp Cockpit, B&R Industrial Automation mapp Safety, B&R Industrial Automation VC4 could allow an authenticated local attacker to execute malicious code by placing specially crafted files in the loading search path.This issue affects Scene Viewer: before 4.4.0; Automation Runtime: before J4.93; mapp Vision: before 5.26.1; mapp View: before 5.24.2; mapp Cockpit: before 5.24.2; mapp Safety: before 5.24.2; VC4: before 4.73.2. | |||||
| CVE-2024-5292 | 2024-05-24 | N/A | 7.3 HIGH | ||
| D-Link Network Assistant Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of D-Link Network Assistant. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DNACore service. The service loads a file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21426. | |||||
| CVE-2023-35192 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in some Intel(R) GPA Framework software before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-21862 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in some Intel(R) Quartus(R) Prime Standard Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-39929 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-21818 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in some Intel(R) PCM software before version 202311 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-22379 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in some Intel(R) Inspector software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-21774 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in some Intel(R) Processor Identification Utility software before versions 6.10.34.1129, 7.1.6 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-45743 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in some Intel(R) DSA software uninstallers before version 23.4.39.10 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-21861 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in some Intel(R) GPA Framework software before version 2023.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-21772 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in some Intel(R) Advisor software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-41961 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in some Intel(R) GPA software before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-21837 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in some Intel(R) Quartus(R) Prime Lite Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-21814 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path for some Intel(R) Chipset Device Software before version 10.1.19444.8378 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-21841 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path for some Intel(R) Distribution for GDB software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-21788 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in some Intel(R) GPA software before version 2023.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-43751 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in Intel(R) Graphics Command Center Service bundled in some Intel(R) Graphics Windows DCH driver software before versions 31.0.101.3790/31.0.101.2114 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-21777 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
| Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro Edition Design software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||