Security Vulnerabilities, CVEs, Published In January 2017 (File inclusion)
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
Max CVSS
7.5
EPSS Score
10.16%
Published
2017-01-05
Updated
2023-07-20
Multiple untrusted search path vulnerabilities in Putty beta 0.67 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) UxTheme.dll or (2) ntmarta.dll file in the current working directory.
Max CVSS
7.8
EPSS Score
0.11%
Published
2017-01-30
Updated
2022-05-01
CVE-2016-4806
Public exploit
Web2py versions 2.14.5 and below was affected by Local File Inclusion vulnerability, which allows a malicious intended user to read/access web server sensitive files.
Max CVSS
7.5
EPSS Score
0.63%
Published
2017-01-11
Updated
2017-01-19
Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse tcapi.dll that is located in the same folder on a remote file share as a pcap file that is being processed.
Max CVSS
8.8
EPSS Score
16.93%
Published
2017-01-23
Updated
2018-10-09
Untrusted search path vulnerability in the installer for TrueCrypt 7.2 and 7.1a, VeraCrypt before 1.17-BETA, and possibly other products allows local users to execute arbitrary code with administrator privileges and conduct DLL hijacking attacks via a Trojan horse DLL in the "application directory", as demonstrated with the USP10.dll, RichEd20.dll, NTMarta.dll and SRClient.dll DLLs.
Max CVSS
7.8
EPSS Score
0.08%
Published
2017-01-23
Updated
2017-01-27
5 vulnerabilities found