Export limit exceeded: 363307 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (2564 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-31027 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2024-11-21 | 8.2 High |
| NVIDIA GPU Display Driver for Windows contains a vulnerability that allows Windows users with low levels of privilege to escalate privileges when an administrator is updating GPU drivers, which may lead to escalation of privileges. | ||||
| CVE-2023-31016 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2024-11-21 | 7.3 High |
| NVIDIA GPU Display Driver for Windows contains a vulnerability where an uncontrolled search path element may allow an attacker to execute arbitrary code, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | ||||
| CVE-2023-30946 | 1 Palantir | 1 Foundry Issues | 2024-11-21 | 3.5 Low |
| A security defect was identified in Foundry Issues. If a user was added to an issue on a resource that they did not have access to and consequently could not see, they could query Foundry's Notification API and receive metadata about the issue including the RID of the issue, severity, internal UUID of the author, and the user-defined title of the issue. | ||||
| CVE-2023-2685 | 1 Abb | 1 Ao-opc | 2024-11-21 | 7.2 High |
| A vulnerability was found in AO-OPC server versions mentioned above. As the directory information for the service entry is not enclosed in quotation marks, potential attackers could possibly call up another application than the AO-OPC server by starting the service. The service might be started with system user privileges which could cause a shift in user access privileges. It is unlikely to exploit the vulnerability in well maintained Windows installations since the attacker would need write access to system folders. An update is available that resolves the vulnerability found during an internal review in the product AO-OPC = 3.2.1 | ||||
| CVE-2023-2644 | 1 Digitalpersona Fpsensor Project | 1 Digitalpersona Fpsensor | 2024-11-21 | 5.3 Medium |
| A vulnerability, which was classified as problematic, has been found in DigitalPersona FPSensor 1.0.0.1. This issue affects some unknown processing of the file C:\Program Files (x86)\FPSensor\bin\DpHost.exe. The manipulation leads to unquoted search path. Attacking locally is a requirement. The identifier VDB-228773 was assigned to this vulnerability. | ||||
| CVE-2023-29504 | 1 Intel | 1 Realsense D400 Series Dynamic Calibration Tool | 2024-11-21 | 6.7 Medium |
| Uncontrolled search path element in some Intel(R) RealSense(TM) Dynamic Calibration software before version 2.13.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-29165 | 2 Intel, Microsoft | 3 Arc A Graphics, Iris Xe Graphics, Windows | 2024-11-21 | 6.7 Medium |
| Unquoted search path or element in some Intel(R) Arc(TM) Control software before version 1.73.5335.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-29161 | 1 Intel | 1 One Boot Flash Update | 2024-11-21 | 6.7 Medium |
| Uncontrolled search path in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-29151 | 1 Intel | 1 Platform Service Record Software Development Kit | 2024-11-21 | 6.7 Medium |
| Uncontrolled search path element in some Intel(R) PSR SDK before version 1.0.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-29069 | 1 Autodesk | 1 Desktop Connector | 2024-11-21 | 7.8 High |
| A maliciously crafted DLL file can be forced to install onto a non-default location, and attacker can overwrite parts of the product with malicious DLLs. These files may then have elevated privileges leading to a Privilege Escalation vulnerability. | ||||
| CVE-2023-28823 | 1 Intel | 29 Advisor For Oneapi, Cpu Runtime For Opencl Applications, Distribution For Python Programming Language and 26 more | 2024-11-21 | 6.7 Medium |
| Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-28740 | 2 Intel, Microsoft | 5 Qat Drivers, Quickassist Technology, Quickassist Technology Firmware and 2 more | 2024-11-21 | 6.7 Medium |
| Uncontrolled search path element in some Intel(R) QAT drivers for Windows - HW Version 2.0 before version 2.0.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-28407 | 1 Intel | 1 Extreme Tuning Utility | 2024-11-21 | 6.7 Medium |
| Uncontrolled search path in some Intel(R) XTU software before version 7.12.0.29 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-28405 | 1 Intel | 1 Openvino | 2024-11-21 | 6.7 Medium |
| Uncontrolled search path in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2022.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-28380 | 1 Intel | 1 Ai Hackathon | 2024-11-21 | 8.8 High |
| Uncontrolled search path for the Intel(R) AI Hackathon software before version 2.0.0 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | ||||
| CVE-2023-26911 | 1 Asus | 2 Armoury Crate, Setupasusservices | 2024-11-21 | 7.8 High |
| ASUS SetupAsusServices v1.0.5.1 in Asus Armoury Crate v5.3.4.0 contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges. | ||||
| CVE-2023-26358 | 1 Adobe | 1 Creative Cloud | 2024-11-21 | 8.6 High |
| Creative Cloud version 5.9.1 (and earlier) is affected by an Untrusted Search Path vulnerability that might allow attackers to execute their own programs, access unauthorized data files, or modify configuration in unexpected ways. If the application uses a search path to locate critical resources such as programs, then an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. The problem extends to any type of critical resource that the application trusts. | ||||
| CVE-2023-25944 | 1 Intel | 1 Vcust Tool | 2024-11-21 | 6.7 Medium |
| Uncontrolled search path element in some Intel(R) VCUST Tool software downloaded before February 3nd 2023 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-25779 | 1 Intel | 1 Thunderbolt Dch Driver | 2024-11-21 | 6.7 Medium |
| Uncontrolled search path element in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-25182 | 1 Intel | 1 Unite | 2024-11-21 | 4.2 Medium |
| Uncontrolled search path element in the Intel(R) Unite(R) Client software for Mac before version 4.2.11 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||