Export limit exceeded: 362578 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (1182 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-28881 | 1 Intel | 1 Fortran Compiler | 2026-04-15 | 6.7 Medium |
| Uncontrolled search path for some Intel(R) Fortran Compiler Classic software before version 2021.13 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-20108 | 2026-04-15 | 6.7 Medium | ||
| Uncontrolled search path element for some Intel(R) Network Adapter Driver installers for Windows 11 before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-31361 | 2026-04-15 | 7.3 High | ||
| A DLL hijacking vulnerability in AMD Integrated Management Technology (AIM-T) Manageability Service could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. | ||||
| CVE-2025-20106 | 1 Intel | 1 Vtune Profiler Software And Intel Oneapi Base Toolkits | 2026-04-15 | 6.7 Medium |
| Uncontrolled search path in some software installer for some VTune(TM) Profiler software and Intel(R) oneAPI Base Toolkits before version 2025.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | ||||
| CVE-2025-26860 | 1 Rsupport | 1 Remotecall | 2026-04-15 | N/A |
| RemoteCall Remote Support Program (for Operator) versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution. | ||||
| CVE-2024-34164 | 1 Intel | 1 Mas Software | 2026-04-15 | 6.7 Medium |
| Uncontrolled search path element in some Intel(R) MAS software before version 2.5 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-57426 | 2026-04-15 | 7.3 High | ||
| NetMod VPN Client 5.3.1 is vulnerable to DLL injection, allowing an attacker to execute arbitrary code by placing a malicious DLL in a directory where the application loads dependencies. This vulnerability arises due to the improper validation of dynamically loaded libraries. | ||||
| CVE-2024-48091 | 2026-04-15 | 7.8 High | ||
| Tally Prime Edit Log v2.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL. | ||||
| CVE-2024-36280 | 1 Intel | 1 High Level Synthesis Compiler | 2026-04-15 | 6.7 Medium |
| Uncontrolled search path for some Intel(R) High Level Synthesis Compiler software before version 24.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-5469 | 2 Apple, Yandex | 2 Macos, Messenger | 2026-04-15 | N/A |
| Uncontrolled Search Path Element vulnerability in Yandex Messenger on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.245 | ||||
| CVE-2024-0980 | 2026-04-15 | 7.1 High | ||
| The Auto-update service for Okta Verify for Windows is vulnerable to two flaws which in combination could be used to execute arbitrary code. | ||||
| CVE-2024-31073 | 2026-04-15 | 6.7 Medium | ||
| Uncontrolled search path for some Intel(R) oneAPI Level Zero software may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-28953 | 1 Intel | 1 Emon Software | 2026-04-15 | 6.7 Medium |
| Uncontrolled search path in some EMON software before version 11.44 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-21830 | 2026-04-15 | 6.7 Medium | ||
| Uncontrolled search path in some Intel(R) VPL software before version 2023.4.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-33580 | 1 Lenovo | 1 Personal Cloud | 2026-04-15 | 7.8 High |
| A DLL hijack vulnerability was reported in Lenovo Personal Cloud that could allow a local attacker to execute code with elevated privileges. | ||||
| CVE-2024-36291 | 2026-04-15 | 6.7 Medium | ||
| Uncontrolled search path for some Intel(R) Chipset Software Installation Utility before version 10.1.19867.8574 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-62776 | 2 Microsoft, Wireless Tsukamoto | 2 Windows, Wtw Eagle | 2026-04-15 | N/A |
| The installer of WTW EAGLE (for Windows) 3.0.8.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application. | ||||
| CVE-2024-28131 | 2026-04-15 | 7.8 High | ||
| EasyRange Ver 1.41 contains an issue with the executable file search path when displaying an extracted file on Explorer, which may lead to loading an executable file resides in the same folder where the extracted file is placed. If this vulnerability is exploited, arbitrary code may be executed with the privilege of the running program. Note that the developer was unreachable, therefore, users should consider stop using EasyRange Ver 1.41. | ||||
| CVE-2024-39813 | 2026-04-15 | 6.7 Medium | ||
| Uncontrolled search path for some EPCT software before version 1.42.8.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-40827 | 1 Siemens | 2 Software Center, Solid Edge Se2025 | 2026-04-15 | 7.8 High |
| A vulnerability has been identified in Siemens Software Center (All versions < V3.5), Solid Edge SE2025 (All versions < V225.0 Update 10). The affected application is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system. | ||||