CVE & Exploit Intelligence Database

CVE-2020-0565 7.8 HIGH EPSS 0.00

Uncontrolled search path in Intel(R) Graphics Drivers before version 26.20.100.7158 may allow an authenticated user to potentially enable escalation of privilege via local access.

CWE-427 Mar 12, 2020

CVE-2020-0515 7.8 HIGH EPSS 0.00

Uncontrolled search path element in the installer for Intel(R) Graphics Drivers before versions 26.20.100.7584, 15.45.30.5103, 15.40.44.5107, 15.36.38.5117, and 15.33.49.5100 may allow an authenticated user to potentially enable escalation of privilege via local access

CWE-427 Mar 12, 2020

CVE-2020-5324 7.1 HIGH EPSS 0.00

Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged malicious user could exploit this vulnerability by tricking an administrator into overwriting arbitrary files via a symlink attack. The vulnerability does not affect the actual binary payload that the update utility delivers.

CWE-427 Feb 21, 2020

CVE-2020-8601 7.8 HIGH EPSS 0.00

Trend Micro Vulnerability Protection 2.0 is affected by a vulnerability that could allow an attack to use the product installer to load other DLL files located in the same directory.

CWE-427 Feb 20, 2020

CVE-2019-14688 7.0 HIGH EPSS 0.00

Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was found to ONLY be exploitable during an initial product installation by an authorized user. The attacker must convince the target to download malicious DLL locally which must be present when the installer is run.

CWE-427 Feb 20, 2020

CVE-2020-3153 6.5 MEDIUM KEV RANSOMWARE 4 PoCs Analysis EPSS 0.25

A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. An exploit could allow the attacker to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks. To exploit this vulnerability, the attacker needs valid credentials on the Windows system.

CWE-427 Feb 19, 2020

CVE-2020-8959 7.8 HIGH EPSS 0.00

Western Digital WesternDigitalSSDDashboardSetup.exe before 3.0.2.0 allows DLL Hijacking.

CWE-427 Feb 19, 2020

CVE-2020-5821 7.8 HIGH EPSS 0.00

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit.

CWE-427 Feb 11, 2020

CVE-2019-20406 7.8 HIGH EPSS 0.00

The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5, and from version 7.1.0 before version 7.1.1 allows local system attackers who have permission to write a DLL file in a directory in the global path environmental variable variable to inject code & escalate their privileges via a DLL hijacking vulnerability.

CWE-427 Feb 06, 2020

CVE-2019-20400 7.8 HIGH EPSS 0.00

The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to write a dll file to a directory in the global path environmental variable can inject code into via a DLL hijacking vulnerability.

CWE-427 Feb 06, 2020

CVE-2019-20358 7.8 HIGH EPSS 0.04

Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed. Another attack vector similar to CVE-2019-9491 was idenitfied and resolved in version 1.62.0.1228 of the tool.

CWE-427 Jan 30, 2020

CVE-2013-0725 7.8 HIGH EPSS 0.00

ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities

CWE-427 Jan 30, 2020

CVE-2020-8315 5.5 MEDIUM EPSS 0.00

In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system's copy. Windows 8 and later are unaffected.

CWE-427 Jan 28, 2020

CVE-2019-6858 7.8 HIGH EPSS 0.00

A CWE-427:Uncontrolled Search Path Element vulnerability exists in MSX Configurator (Software Version prior to V1.0.8.1), which could cause privilege escalation when injecting a malicious DLL.

CWE-427 Jan 22, 2020

CVE-2019-14600 6.7 MEDIUM EPSS 0.00

Uncontrolled search path element in the installer for Intel(R) SNMP Subagent Stand-Alone for Windows* may allow an authenticated user to potentially enable escalation of privilege via local access.

CWE-427 Jan 17, 2020

CVE-2016-6592 7.8 HIGH EPSS 0.01

A vulnerability was found in Symantec Norton Download Manager versions prior to 5.6. A remote user can create a specially crafted DLL file that, when placed on the target user's system, will cause the Norton Download Manager component to load the remote user's DLL instead of the intended DLL and execute arbitrary code when the Norton Download Manager component is run by the target user.

CWE-427 Jan 14, 2020

CVE-2016-5311 7.8 HIGH EPSS 0.00

A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges.

CWE-427 Jan 09, 2020

CVE-2019-19954 7.3 HIGH 1 Writeup EPSS 0.00

Signal Desktop before 1.29.1 on Windows allows local users to gain privileges by creating a Trojan horse %SYSTEMDRIVE%\node_modules\.bin\wmic.exe file.

CWE-427 Dec 24, 2019

CVE-2019-5539 7.8 HIGH EPSS 0.00

VMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a Windows machine where Workstation or View Agent is installed.

CWE-427 Dec 23, 2019

CVE-2019-19689 7.8 HIGH EPSS 0.00

Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited via a DLL Hijack related to a vulnerability on the packer that the program uses.

CWE-427 Dec 18, 2019