# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2023-22947 |
427 |
|
|
2023-01-11 |
2023-01-23 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
** DISPUTED ** Insecure folder permissions in the Windows installation path of Shibboleth Service Provider (SP) before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt (rather than C:\Program Files) by default. NOTE: the vendor disputes the significance of this report, stating that "We consider the ACLs a best effort thing" and "it was a documentation mistake." |
2 |
CVE-2023-0247 |
427 |
|
|
2023-01-12 |
2023-01-20 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Uncontrolled Search Path Element in GitHub repository bits-and-blooms/bloom prior to 3.3.1. |
3 |
CVE-2022-46330 |
427 |
|
Exec Code |
2022-12-21 |
2023-01-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Squirrel.Windows is both a toolset and a library that provides installation and update functionality for Windows desktop applications. Installers generated by Squirrel.Windows 2.0.1 and earlier contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer. |
4 |
CVE-2022-45422 |
427 |
|
|
2022-11-21 |
2022-11-23 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
When LG SmartShare is installed, local privilege escalation is possible through DLL Hijacking attack. The LG ID is LVE-HOT-220005. |
5 |
CVE-2022-44939 |
427 |
|
Exec Code |
2023-01-06 |
2023-01-12 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL. |
6 |
CVE-2022-44744 |
427 |
|
|
2022-11-07 |
2022-11-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107. |
7 |
CVE-2022-43751 |
427 |
|
Exec Code |
2022-11-23 |
2022-11-28 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of a variable pointing to a subdirectory that may be controllable by an unprivileged user. This may have allowed the unprivileged user to execute arbitrary code with system privileges. |
8 |
CVE-2022-43722 |
427 |
|
|
2022-12-13 |
2022-12-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). Affected software does not properly secure a folder containing library files. This could allow an attacker to place a custom malicious DLL in this folder which is then run with SYSTEM rights when a service is started that requires this DLL. At the time of assigning the CVE, the affected firmware version of the component has already been superseded by succeeding mainline versions. |
9 |
CVE-2022-43310 |
427 |
|
|
2022-11-09 |
2022-11-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
An Uncontrolled Search Path Element in Foxit Software released Foxit Reader v11.2.118.51569 allows attackers to escalate privileges when searching for DLL libraries without specifying an absolute path. |
10 |
CVE-2022-42945 |
427 |
|
Exec Code |
2022-12-19 |
2022-12-28 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
DWG TrueViewTM 2023 version has a DLL Search Order Hijacking vulnerability. Successful exploitation by a malicious attacker could result in remote code execution on the target system. |
11 |
CVE-2022-40978 |
427 |
|
|
2022-09-19 |
2022-09-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The installer of JetBrains IntelliJ IDEA before 2022.2.2 was vulnerable to EXE search order hijacking |
12 |
CVE-2022-40746 |
427 |
|
Exec Code |
2022-11-21 |
2022-11-23 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
IBM i Access Family 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236581. |
13 |
CVE-2022-39846 |
427 |
|
Exec Code |
2022-09-09 |
2022-09-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
DLL hijacking vulnerability in Smart Switch PC prior to version 4.3.22083_3 allows attacker to execute arbitrary code. |
14 |
CVE-2022-38633 |
427 |
|
Exec Code |
2022-09-13 |
2022-09-17 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Genymotion Desktop v3.2.1 was discovered to contain a DLL hijacking vulnerability which allows attackers to escalate privileges and execute arbitrary code via a crafted binary. |
15 |
CVE-2022-38395 |
427 |
|
|
2022-12-12 |
2022-12-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. HP Support Assistant uses Fusion to launch HP Performance Tune-up. It is possible for an attacker to exploit the DLL hijacking vulnerability and elevate privileges when Fusion launches the HP Performance Tune-up. |
16 |
CVE-2022-36924 |
427 |
|
|
2022-11-17 |
2022-11-22 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
The Zoom Rooms Installer for Windows prior to 5.12.6 contains a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to the SYSTEM user. |
17 |
CVE-2022-36840 |
427 |
|
Exec Code |
2022-08-05 |
2022-10-27 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
DLL hijacking vulnerability in Samsung Update Setup prior to version 2.2.9.50 allows attackers to execute arbitrary code. |
18 |
CVE-2022-36415 |
427 |
|
|
2022-07-23 |
2022-08-01 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
A DLL hijacking vulnerability exists in the uninstaller in Scooter Beyond Compare 1.8a through 4.4.2 before 4.4.3 when installed via the EXE installer. The uninstaller attempts to load DLLs out of a Windows Temp folder. If a standard user places malicious DLLs in the C:\Windows\Temp\ folder, and then the uninstaller is run as SYSTEM, the DLLs will execute with elevated privileges. |
19 |
CVE-2022-36380 |
427 |
|
|
2022-11-11 |
2022-11-16 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Uncontrolled search path in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access. |
20 |
CVE-2022-36314 |
427 |
|
|
2022-12-22 |
2023-01-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.<br>This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 102.1, Firefox < 103, and Thunderbird < 102.1. |
21 |
CVE-2022-36271 |
427 |
|
|
2022-09-07 |
2022-09-12 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Outbyte PC Repair Installation File 1.7.112.7856 is vulnerable to Dll Hijacking. iertutil.dll is missing so an attacker can use a malicious dll with same name and can get admin privileges. |
22 |
CVE-2022-34902 |
427 |
|
Exec Code |
2022-07-18 |
2022-07-27 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Desktop Control Agent service. The service loads Qt plugins from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-15787. |
23 |
CVE-2022-34901 |
427 |
|
Exec Code |
2022-07-18 |
2022-07-27 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 (39316) Agent. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Parallels Service. The service executes files from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16137. |
24 |
CVE-2022-34900 |
427 |
|
Exec Code |
2022-07-18 |
2022-07-27 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.3 (39313) Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Dispatcher service. The service loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-15213. |
25 |
CVE-2022-34825 |
427 |
|
Exec Code |
2022-11-08 |
2022-11-09 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Uncontrolled Search Path Element in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a remote unauthenticated attacker to overwrite existing files on the file system and to potentially execute arbitrary code. |
26 |
CVE-2022-34235 |
427 |
|
|
2022-08-11 |
2022-08-13 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Adobe Premiere Elements version 2020v20 (and earlier) is affected by an Uncontrolled Search Path Element which could lead to Privilege Escalation. An attacker could leverage this vulnerability to obtain admin using an existing low-privileged user. Exploitation of this issue does not require user interaction. |
27 |
CVE-2022-34101 |
427 |
|
Exec Code |
2022-09-13 |
2022-09-18 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can place a malicious DLL in a certain path to execute code and preform a privilege escalation attack. |
28 |
CVE-2022-33921 |
427 |
|
Exec Code |
2022-10-12 |
2022-10-14 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Dell GeoDrive, versions prior to 2.2, contains Multiple DLL Hijacking Vulnerabilities. A low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context. |
29 |
CVE-2022-33037 |
427 |
|
Exec Code |
2022-06-29 |
2022-07-08 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
A binary hijack in Orwell-Dev-Cpp v5.11 allows attackers to execute arbitrary code via a crafted .exe file. |
30 |
CVE-2022-33036 |
427 |
|
Exec Code |
2022-06-29 |
2022-07-08 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
A binary hijack in Embarcadero Dev-CPP v6.3 allows attackers to execute arbitrary code via a crafted .exe file. |
31 |
CVE-2022-33035 |
427 |
|
|
2022-06-29 |
2022-07-08 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
XLPD v7.0.0094 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges. |
32 |
CVE-2022-32498 |
427 |
|
Exec Code Bypass |
2022-07-21 |
2022-07-30 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Dell EMC PowerStore, Versions prior to v3.0.0.0 contain a DLL Hijacking vulnerability in PSTCLI. A local attacker can potentially exploit this vulnerability to execute arbitrary code, escalate privileges, and bypass software allow list solutions, leading to system takeover or IP exposure. |
33 |
CVE-2022-32223 |
427 |
|
|
2022-07-14 |
2022-10-28 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine:* OpenSSL has been installed and “C:\Program Files\Common Files\SSL\openssl.cnf” exists.Whenever the above conditions are present, `node.exe` will search for `providers.dll` in the current user directory.After that, `node.exe` will try to search for `providers.dll` by the DLL Search Order in Windows.It is possible for an attacker to place the malicious file `providers.dll` under a variety of paths and exploit this vulnerability. |
34 |
CVE-2022-32168 |
427 |
|
|
2022-09-28 |
2022-09-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Notepad++ versions 8.4.1 and before are vulnerable to DLL hijacking where an attacker can replace the vulnerable dll (UxTheme.dll) with his own dll and run arbitrary code in the context of Notepad++. |
35 |
CVE-2022-31694 |
427 |
|
|
2022-11-18 |
2022-11-22 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
InstallBuilder Qt installers built with versions previous to 22.10 try to load DLLs from the installer binary parent directory when displaying popups. This may allow an attacker to plant a malicious DLL in the installer parent directory to allow executing code with the privileges of the installer (when the popup triggers the loading of the library). Exploiting these type of vulnerabilities generally require that an attacker has access to a vulnerable machine to plant the malicious DLL. |
36 |
CVE-2022-31467 |
427 |
|
Exec Code |
2022-05-23 |
2022-06-02 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
A DLL hijacking vulnerability in the installed for Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, leading to execution of arbitrary code, via the installer not restricting the search path for required DLLs and then not verifying the signature of the DLLs it tries to load. |
37 |
CVE-2022-30744 |
427 |
|
Exec Code |
2022-06-07 |
2022-06-13 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to version 2.6.4.22043_1 allows attacker to execute arbitrary code. |
38 |
CVE-2022-30701 |
427 |
|
Exec Code |
2022-05-27 |
2022-06-08 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to craft a special configuration file to load an untrusted library with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. |
39 |
CVE-2022-30696 |
427 |
|
|
2022-05-16 |
2022-05-24 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
Local privilege escalation due to a DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 3640 |
40 |
CVE-2022-30548 |
427 |
|
|
2022-11-11 |
2022-11-17 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Uncontrolled search path element in the Intel(R) Glorp software may allow an authenticated user to potentially enable escalation of privilege via local access. |
41 |
CVE-2022-29580 |
427 |
|
Exec Code Bypass |
2022-12-13 |
2022-12-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
There exists a path traversal vulnerability in the Android Google Search app. This is caused by the incorrect usage of uri.getLastPathSegment. A symbolic encoded string can bypass the path logic to get access to unintended directories. An attacker can manipulate paths that could lead to code execution on the device. We recommend upgrading beyond version 13.41 |
42 |
CVE-2022-29187 |
427 |
|
|
2022-07-12 |
2022-12-14 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks. |
43 |
CVE-2022-29092 |
427 |
|
+Priv |
2022-06-10 |
2022-06-17 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Dell SupportAssist Client Consumer versions (3.11.0 and versions prior) and Dell SupportAssist Client Commercial versions (3.2.0 and versions prior) contain a privilege escalation vulnerability. A non-admin user can exploit the vulnerability and gain admin access to the system. |
44 |
CVE-2022-28792 |
427 |
|
Exec Code |
2022-05-03 |
2022-05-11 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
DLL hijacking vulnerability in Gear IconX PC Manager prior to version 2.1.220405.51 allows attacker to execute arbitrary code. The patch adds proper absolute path to prevent dll hijacking. |
45 |
CVE-2022-28779 |
427 |
|
Exec Code |
2022-04-11 |
2022-04-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
Uncontrolled search path element vulnerability in Samsung Android USB Driver windows installer program prior to version 1.7.50 allows attacker to execute arbitrary code. |
46 |
CVE-2022-28766 |
427 |
|
|
2022-11-17 |
2022-11-22 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Windows 32-bit versions of the Zoom Client for Meetings before 5.12.6 and Zoom Rooms for Conference Room before version 5.12.6 are susceptible to a DLL injection vulnerability. A local low-privileged user could exploit this vulnerability to run arbitrary code in the context of the Zoom client. |
47 |
CVE-2022-28714 |
427 |
|
|
2022-05-05 |
2022-05-12 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions prior to 7.2.1.5, a DLL Hijacking vulnerability exists in the BIG-IP Edge Client Windows Installer. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
48 |
CVE-2022-28696 |
427 |
|
|
2022-08-18 |
2022-08-22 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access. |
49 |
CVE-2022-28541 |
427 |
|
Exec Code |
2022-04-11 |
2022-04-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
Uncontrolled search path element vulnerability in Samsung Update prior to version 3.0.77.0 allows attackers to execute arbitrary code as Samsung Update permission. |
50 |
CVE-2022-28394 |
427 |
|
|
2022-05-27 |
2022-06-08 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
EOL Product CVE - Installer of Trend Micro Password Manager (Consumer) versions 3.7.0.1223 and below provided by Trend Micro Incorporated contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). Please note that this was reported on an EOL version of the product, and users are advised to upgrade to the latest supported version (5.x). |