CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Related To CWE-427

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
101 CVE-2020-16143 427 2020-07-29 2020-08-05
4.4
None Local Medium Not required Partial Partial Partial
The seafile-client client 7.0.8 for Seafile is vulnerable to DLL hijacking because it loads exchndl.dll from the current working directory.
102 CVE-2020-15657 427 2020-08-10 2020-08-14
6.9
None Local Medium Not required Complete Complete Complete
Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
103 CVE-2020-15523 427 2020-07-04 2021-07-21
6.9
None Local Medium Not required Complete Complete Complete
In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading (after Py_SetPath has been used). NOTE: this issue CANNOT occur when using python.exe from a standard (non-embedded) Python installation on Windows.
104 CVE-2020-15167 427 2020-09-02 2021-11-18
4.4
None Local Medium Not required Partial Partial Partial
In Miller (command line utility) using the configuration file support introduced in version 5.9.0, it is possible for an attacker to cause Miller to run arbitrary code by placing a malicious `.mlrrc` file in the working directory. See linked GitHub Security Advisory for complete details. A fix is ready and will be released as Miller 5.9.1.
105 CVE-2020-13771 427 Exec Code +Priv 2020-11-12 2020-11-24
6.9
None Local Medium Not required Complete Complete Complete
Various components in Ivanti Endpoint Manager through 2020.1.1 rely on Windows search order when loading a (nonexistent) library file, allowing (under certain conditions) one to gain code execution (and elevation of privileges to the level of privilege held by the vulnerable component such as NT AUTHORITY\SYSTEM) via DLL hijacking. This affects ldiscn32.exe, IpmiRedirectionService.exe, LDAPWhoAmI.exe, and ldprofile.exe.
106 CVE-2020-13177 427 Exec Code +Priv 2020-08-11 2020-08-13
4.4
None Local Medium Not required Partial Partial Partial
The support bundler in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows versions prior to 20.04.1 and 20.07.0 does not use hard coded paths for certain Windows binaries, which allows an attacker to gain elevated privileges via execution of a malicious binary placed in the system path.
107 CVE-2020-13110 427 Exec Code 2020-05-16 2020-05-20
6.9
None Local Medium Not required Complete Complete Complete
The kerberos package before 1.0.0 for Node.js allows arbitrary code execution and privilege escalation via injection of malicious DLLs through use of the kerberos_sspi LoadLibrary() method, because of a DLL path search.
108 CVE-2020-12431 427 2020-05-21 2021-07-21
6.3
None Local Medium Not required None Complete Complete
A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directories, with resultant DLL hijacking. This product is bundled with Splashtop Streamer (before 3.3.8.0) and Splashtop Business (before 3.3.8.0).
109 CVE-2020-12423 427 Exec Code 2020-07-09 2020-07-20
6.9
None Local Medium Not required Complete Complete Complete
When the Windows DLL "webauthn.dll" was missing from the Operating System, and a malicious one was placed in a folder in the user's %PATH%, Firefox may have loaded the DLL, leading to arbitrary code execution. *Note: This issue only affects the Windows operating system; other operating systems are unaffected.* This vulnerability affects Firefox < 78.
110 CVE-2020-12329 427 2020-11-12 2020-11-30
4.6
None Local Low Not required Partial Partial Partial
Uncontrolled search path in the Intel(R) VTune(TM) Profiler before version 2020 Update 1 may allow an authenticated user to potentially enable escalation of privilege via local access.
111 CVE-2020-12320 427 2020-11-12 2020-11-30
4.6
None Local Low Not required Partial Partial Partial
Uncontrolled search path in Intel(R) SCS Add-on for Microsoft* SCCM before version 2.1.10 may allow an authenticated user to potentially enable escalation of privilege via local access.
112 CVE-2020-11634 427 Exec Code 2021-07-15 2021-07-27
6.9
None Local Medium Not required Complete Complete Complete
The Zscaler Client Connector for Windows prior to 2.1.2.105 had a DLL hijacking vulnerability caused due to the configuration of OpenSSL. A local adversary may be able to execute arbitrary code in the SYSTEM context.
113 CVE-2020-11613 427 2020-06-11 2021-07-21
4.4
None Local Medium Not required Partial Partial Partial
Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and insecure permissions being set for the installation folder. By default, the Authenticated Users group has Modify permissions to the installation folder. Because of this, any user on the system can replace binaries or plant malicious DLLs to obtain elevated, or different, privileges, depending on the context of the user that runs the application.
114 CVE-2020-10626 427 Exec Code 2020-05-14 2020-05-19
6.9
None Local Medium Not required Complete Complete Complete
In Fazecast jSerialComm, Version 2.2.2 and prior, an uncontrolled search path element vulnerability could allow a malicious DLL file with the same name of any resident DLLs inside the software installation to execute arbitrary code.
115 CVE-2020-10616 427 Exec Code 2020-05-14 2020-05-18
6.8
None Remote Medium Not required Partial Partial Partial
Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC does not specify the path of multiple imported .dll files. Therefore, an attacker can replace them and execute code whenever the service starts.
116 CVE-2020-10515 427 Exec Code 2020-04-02 2020-04-06
10.0
None Remote Low Not required Complete Complete Complete
STARFACE UCC Client before 6.7.1.204 on WIndows allows binary planting to execute code with System rights, aka usd-2020-0006.
117 CVE-2020-9858 427 Exec Code 2020-06-09 2020-06-15
4.4
None Local Medium Not required Partial Partial Partial
A dynamic library loading issue was addressed with improved path searching. This issue is fixed in Windows Migration Assistant 2.2.0.0 (v. 1A11). Running the installer in an untrusted directory may result in arbitrary code execution.
118 CVE-2020-9767 427 2020-08-14 2020-08-21
7.2
None Local Low Not required Complete Complete Complete
A vulnerability related to Dynamic-link Library (“DLL”) loading in the Zoom Sharing Service would allow an attacker who had local access to a machine on which the service was running with elevated privileges to elevate their system privileges as well through use of a malicious DLL. Zoom addressed this issue, which only applies to Windows users, in the 5.0.4 client release.
119 CVE-2020-9681 427 2021-04-16 2021-09-14
4.4
None Local Medium Not required Partial Partial Partial
Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker could exploit this to rewrite the file of the administrator, which may lead to elevated permissions. Exploitation of this issue requires user interaction.
120 CVE-2020-9667 427 2021-04-16 2021-06-28
6.9
None Local Medium Not required Complete Complete Complete
Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker with admin privileges could plant custom binaries and execute them with System permissions. Exploitation of this issue requires user interaction.
121 CVE-2020-9367 427 2021-03-18 2021-03-25
6.9
None Local Medium Not required Complete Complete Complete
The MPS Agent in Zoho ManageEngine Desktop Central MSP build MSP build 10.0.486 is vulnerable to DLL Hijacking: dcinventory.exe and dcconfig.exe try to load CSUNSAPI.dll without supplying the complete path. The issue is aggravated because this DLL is missing from the installation, thus making it possible to hijack the DLL and subsequently inject code, leading to an escalation of privilege to NT AUTHORITY\SYSTEM.
122 CVE-2020-9290 427 Exec Code 2020-03-15 2020-03-17
6.9
None Local Medium Not required Complete Complete Complete
An Unsafe Search Path vulnerability in FortiClient for Windows online installer 6.2.3 and below may allow a local attacker with control over the directory in which FortiClientOnlineInstaller.exe and FortiClientVPNOnlineInstaller.exe resides to execute arbitrary code on the system via uploading malicious Filter Library DLL files in that directory.
123 CVE-2020-9287 427 Exec Code 2020-03-15 2020-03-17
6.9
None Local Medium Not required Complete Complete Complete
An Unsafe Search Path vulnerability in FortiClient EMS online installer 6.2.1 and below may allow a local attacker with control over the directory in which FortiClientEMSOnlineInstaller.exe resides to execute arbitrary code on the system via uploading malicious Filter Library DLL files in that directory.
124 CVE-2020-8959 427 2020-02-19 2020-02-27
4.4
None Local Medium Not required Partial Partial Partial
Western Digital WesternDigitalSSDDashboardSetup.exe before 3.0.2.0 allows DLL Hijacking.
125 CVE-2020-8895 427 Exec Code 2020-04-21 2020-05-04
4.4
None Local Medium Not required Partial Partial Partial
Untrusted Search Path vulnerability in the windows installer of Google Earth Pro versions prior to 7.3.3 allows an attacker to insert malicious local files to execute unauthenticated remote code on the targeted system.
126 CVE-2020-8702 427 2021-06-09 2021-06-22
4.4
None Local Medium Not required Partial Partial Partial
Uncontrolled search path element in the Intel(R) Processor Diagnostic Tool before version 4.1.5.37 may allow an authenticated user to potentially enable escalation of privilege via local access.
127 CVE-2020-8687 427 2020-08-13 2020-08-19
4.6
None Local Low Not required Partial Partial Partial
Uncontrolled search path in the installer for Intel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB before version 4.7.0.1119 may allow an authenticated user to potentially enable escalation of privilege via local access.
128 CVE-2020-8601 427 2020-02-20 2020-02-25
4.6
None Local Low Not required Partial Partial Partial
Trend Micro Vulnerability Protection 2.0 is affected by a vulnerability that could allow an attack to use the product installer to load other DLL files located in the same directory.
129 CVE-2020-8469 427 2020-03-12 2020-06-23
6.9
None Local Medium Not required Complete Complete Complete
Trend Micro Password Manager for Windows version 5.0 is affected by a DLL hijacking vulnerability would could potentially allow an attacker privleged escalation.
130 CVE-2020-8345 427 2020-10-14 2020-10-26
4.4
None Local Medium Not required Partial Partial Partial
A DLL search path vulnerability was reported in the Lenovo HardwareScan Plugin for the Lenovo Vantage hardware scan feature prior to version 1.0.46.11 that could allow escalation of privilege.
131 CVE-2020-7585 427 Exec Code 2020-06-10 2021-04-22
4.6
None Local Low Not required Partial Partial Partial
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.
132 CVE-2020-7474 427 Exec Code 2020-03-23 2020-03-25
4.4
None Local Medium Not required Partial Partial Partial
A CWE-427: Uncontrolled Search Path Element vulnerability exists in ProSoft Configurator (v1.002 and prior), for the PMEPXM0100 (H) module, which could cause the execution of untrusted code when using double click to open a project file which may trigger execution of a malicious DLL.
133 CVE-2020-7360 427 2020-08-13 2020-08-19
6.9
None Local Medium Not required Complete Complete Complete
An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. This issue was fixed in version 1.0.7, which was released after April 15, 2020. (Note, the version numbering system changed significantly between version 4.3.15 and version 1.0.7.)
134 CVE-2020-7358 427 2020-09-18 2020-09-28
4.4
None Local Medium Not required Partial Partial Partial
In AppSpider installer versions prior to 7.2.126, the AppSpider installer calls an executable which can be placed in the appropriate directory by an attacker with access to the local machine. This would prevent the installer from distinguishing between a valid executable called during an installation and any arbitrary code executable using the same file name.
135 CVE-2020-7312 427 Exec Code 2020-09-10 2020-09-15
4.6
None Local Low Not required Partial Partial Partial
DLL Search Order Hijacking Vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder.
136 CVE-2020-6790 427 Exec Code 2021-03-25 2021-03-25
6.9
None Local Medium Not required Complete Complete Complete
Calling an executable through an Uncontrolled Search Path Element in the Bosch Video Streaming Gateway installer up to and including version 6.45.10 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious exe in the same directory where the installer is started from.
137 CVE-2020-6789 427 Exec Code 2021-03-25 2021-03-25
6.9
None Local Medium Not required Complete Complete Complete
Loading a DLL through an Uncontrolled Search Path Element in the Bosch Monitor Wall installer up to and including version 10.00.0164 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from.
138 CVE-2020-6788 427 Exec Code 2021-03-25 2021-03-25
6.9
None Local Medium Not required Complete Complete Complete
Loading a DLL through an Uncontrolled Search Path Element in the Bosch Configuration Manager installer up to and including version 7.21.0078 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from.
139 CVE-2020-6787 427 Exec Code 2021-03-25 2021-03-25
6.9
None Local Medium Not required Complete Complete Complete
Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Client installer up to and including version 1.7.6.079 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from.
140 CVE-2020-6786 427 Exec Code 2021-03-25 2021-03-25
6.9
None Local Medium Not required Complete Complete Complete
Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Recording Manager installer up to and including version 3.82.0055 for 3.82, up to and including version 3.81.0064 for 3.81 and 3.71 and older potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from.
141 CVE-2020-6785 427 Exec Code 2021-03-25 2021-03-25
6.9
None Local Medium Not required Complete Complete Complete
Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim's system. This affects both the installer as well as the installed application. This also affects Bosch DIVAR IP 7000 R2, Bosch DIVAR IP all-in-one 5000 and Bosch DIVAR IP all-in-one 7000 with installers and installed BVMS versions prior to BVMS 10.1.1.
142 CVE-2020-6771 427 Exec Code 2021-03-25 2021-03-25
6.9
None Local Medium Not required Complete Complete Complete
Loading a DLL through an Uncontrolled Search Path Element in Bosch IP Helper up to and including version 1.00.0008 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same application directory as the portable IP Helper application.
143 CVE-2020-6654 427 Exec Code 2020-09-30 2020-10-16
4.4
None Local Medium Not required Partial Partial Partial
A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL.
144 CVE-2020-6244 427 Exec Code 2020-05-12 2020-05-18
4.4
None Local Medium Not required Partial Partial Partial
SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack to inject malicious code as a DLL file in untrusted directories that can be executed by the application, due to uncontrolled search path element. An attacker could thereby control the behavior of the application.
145 CVE-2020-6021 427 2020-12-03 2021-11-05
4.4
None Local Medium Not required Partial Partial Partial
Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted DLL in the repair folder which will run with the Endpoint client’s privileges.
146 CVE-2020-5992 427 Exec Code 2020-11-11 2020-11-23
4.4
None Local Medium Not required Partial Partial Partial
NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to binary planting attacks by a local user, which may lead to code execution or escalation of privileges.
147 CVE-2020-5977 427 DoS Exec Code 2020-10-23 2021-07-21
4.4
None Local Medium Not required Partial Partial Partial
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.
148 CVE-2020-5740 427 Exec Code 2020-04-22 2021-12-10
7.2
None Local Low Not required Complete Complete Complete
Improper Input Validation in Plex Media Server on Windows allows a local, unauthenticated attacker to execute arbitrary Python code with SYSTEM privileges.
149 CVE-2020-5681 427 +Priv 2020-12-24 2020-12-30
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in self-extracting files created by EpsonNet SetupManager versions 2.2.14 and earlier, and Offirio SynergyWare PrintDirector versions 1.6x/1.6y and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
150 CVE-2020-5419 427 Exec Code 2020-08-31 2020-09-10
4.6
None Local Low Not required Partial Partial Partial
RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. An attacker with write privileges to the RabbitMQ installation directory and local access on Windows could carry out a local binary hijacking (planting) attack and execute arbitrary code.
Total number of vulnerabilities : 263   Page : 1 2 3 (This Page)4 5 6
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.