Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-3633

Summary
Assigner-lenovo
Assigner Org ID-da227ddf-6e25-4b41-b023-0f976dcaca4b
Published At-17 Aug, 2021 | 16:25
Updated At-03 Aug, 2024 | 17:01
Rejected At-
Credits

A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:lenovo
Assigner Org ID:da227ddf-6e25-4b41-b023-0f976dcaca4b
Published At:17 Aug, 2021 | 16:25
Updated At:03 Aug, 2024 | 17:01
Rejected At:
▼CVE Numbering Authority (CNA)

A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation.

Affected Products
Vendor
Lenovo Group LimitedLenovo
Product
Driver Management
Versions
Affected
  • From unspecified before 2.9.0719.1104 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-347CWE-347 Improper Verification of Cryptographic Signature
Type: CWE
CWE ID: CWE-347
Description: CWE-347 Improper Verification of Cryptographic Signature
Metrics
VersionBase scoreBase severityVector
3.17.3HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Update to Lenovo Driver Management version 2.9.0719.1104 (or later).

Configurations

Workarounds

Exploits

Credits

Lenovo thanks Guangdong Network Security Emergency Response Center and Sangfor QianLiMu Security Lab – Terminal Security Team for identifying this issue.
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://iknow.lenovo.com.cn/detail/dc_198418.html
x_refsource_MISC
Hyperlink: https://iknow.lenovo.com.cn/detail/dc_198418.html
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://iknow.lenovo.com.cn/detail/dc_198418.html
x_refsource_MISC
x_transferred
Hyperlink: https://iknow.lenovo.com.cn/detail/dc_198418.html
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@lenovo.com
Published At:17 Aug, 2021 | 17:15
Updated At:25 Apr, 2022 | 19:11

A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Secondary3.17.3HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Primary2.06.9MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 6.9
Base severity: MEDIUM
Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C
CPE Matches

Lenovo Group Limited
lenovo
>>drivers_management>>Versions before 2.9.0719.1104(exclusive)
cpe:2.3:a:lenovo:drivers_management:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-427Primarynvd@nist.gov
CWE-347Secondarypsirt@lenovo.com
CWE ID: CWE-427
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-347
Type: Secondary
Source: psirt@lenovo.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://iknow.lenovo.com.cn/detail/dc_198418.htmlpsirt@lenovo.com
Exploit
Vendor Advisory
Hyperlink: https://iknow.lenovo.com.cn/detail/dc_198418.html
Source: psirt@lenovo.com
Resource:
Exploit
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

486Records found

CVE-2021-3550
Matching Score-6
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-6
Assigner-Lenovo Group Ltd.
CVSS Score-7.8||HIGH
EPSS-0.25% / 15.73%
||
7 Day CHG~0.00%
Published-16 Jul, 2021 | 20:30
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.500.5102, that could allow privilege escalation.

Action-Not Available
Vendor-Lenovo Group Limited
Product-pcmanagerPCManager
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-9201
Matching Score-6
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-6
Assigner-Lenovo Group Ltd.
CVSS Score-8.5||HIGH
EPSS-0.15% / 5.08%
||
7 Day CHG~0.00%
Published-11 Sep, 2025 | 18:32
Updated-15 Sep, 2025 | 15:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential DLL hijacking vulnerability was discovered in Lenovo Browser during an internal security assessment that could allow a local user to execute code with elevated privileges.

Action-Not Available
Vendor-Lenovo Group Limited
Product-Browser
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2015-7336
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.59% / 43.71%
||
7 Day CHG~0.00%
Published-27 Mar, 2020 | 14:05
Updated-06 Aug, 2024 | 07:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior that could allow the signature check of an update to be bypassed.

Action-Not Available
Vendor-n/aLenovo Group Limited
Product-system_updaten/a
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2021-3464
Matching Score-6
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-6
Assigner-Lenovo Group Ltd.
CVSS Score-7.8||HIGH
EPSS-0.26% / 17.46%
||
7 Day CHG~0.00%
Published-27 Apr, 2021 | 15:27
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.400.3252, that could allow privilege escalation.

Action-Not Available
Vendor-Lenovo Group Limited
Product-pcmanagerPCManager
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-4371
Matching Score-6
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-6
Assigner-Lenovo Group Ltd.
CVSS Score-7||HIGH
EPSS-0.20% / 9.92%
||
7 Day CHG~0.00%
Published-18 Aug, 2025 | 20:04
Updated-19 Aug, 2025 | 13:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that could allow an attacker with physical access to write arbitrary firmware updates to the device over a USB connection.

Action-Not Available
Vendor-Lenovo Group Limited
Product-Performance FHD Webcam510 FHD Webcam
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2020-8324
Matching Score-6
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-6
Assigner-Lenovo Group Ltd.
CVSS Score-5||MEDIUM
EPSS-0.34% / 25.56%
||
7 Day CHG~0.00%
Published-14 Apr, 2020 | 21:05
Updated-16 Sep, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was reported in LenovoAppScenarioPluginSystem for Lenovo System Interface Foundation prior to version 1.2.184.31 that could allow unsigned DLL files to be executed.

Action-Not Available
Vendor-Lenovo Group Limited
Product-system_interface_foundationLenovoAppScenarioPluginSystem for Lenovo System Interface Foundation
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CWE ID-CWE-20
Improper Input Validation
CVE-2022-43751
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.22% / 12.43%
||
7 Day CHG~0.00%
Published-22 Nov, 2022 | 00:00
Updated-29 Apr, 2025 | 05:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of a variable pointing to a subdirectory that may be controllable by an unprivileged user. This may have allowed the unprivileged user to execute arbitrary code with system privileges.

Action-Not Available
Vendor-n/aMcAfee, LLC
Product-total_protectionn/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-43310
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.55% / 72.13%
||
7 Day CHG~0.00%
Published-09 Nov, 2022 | 00:00
Updated-01 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Uncontrolled Search Path Element in Foxit Software released Foxit Reader v11.2.118.51569 allows attackers to escalate privileges when searching for DLL libraries without specifying an absolute path.

Action-Not Available
Vendor-n/aFoxit Software Incorporated
Product-foxit_readern/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-2629
Matching Score-4
Assigner-National Instruments
ShareView Details
Matching Score-4
Assigner-National Instruments
CVSS Score-7||HIGH
EPSS-0.17% / 6.74%
||
7 Day CHG+0.01%
Published-09 Apr, 2025 | 18:45
Updated-18 Aug, 2025 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DLL Hijacking Vulnerability in NI LabVIEW When Loading NI Error Reporting

There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW when loading NI Error Reporting. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.

Action-Not Available
Vendor-niNI
Product-labviewLabVIEW
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-26631
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.3||HIGH
EPSS-0.53% / 40.65%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 16:59
Updated-13 Feb, 2026 | 19:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Visual Studio Code Elevation of Privilege Vulnerability

Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-visual_studio_codeVisual Studio Code
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-2630
Matching Score-4
Assigner-National Instruments
ShareView Details
Matching Score-4
Assigner-National Instruments
CVSS Score-7||HIGH
EPSS-0.17% / 6.74%
||
7 Day CHG+0.01%
Published-09 Apr, 2025 | 18:50
Updated-18 Aug, 2025 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DLL Hijacking Vulnerability in NI LabVIEW

There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.

Action-Not Available
Vendor-niNI
Product-labviewLabVIEW
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-24998
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.3||HIGH
EPSS-0.42% / 33.53%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 16:59
Updated-13 Feb, 2026 | 19:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Visual Studio Elevation of Privilege Vulnerability

Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-visual_studio_2022visual_studio_2017visual_studio_2019Microsoft Visual Studio 2022 version 17.8Microsoft Visual Studio 2022 version 17.10Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)Microsoft Visual Studio 2022 version 17.12Microsoft Visual Studio 2022 version 17.13
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-25003
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.3||HIGH
EPSS-0.42% / 33.53%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 16:59
Updated-13 Feb, 2026 | 19:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Visual Studio Elevation of Privilege Vulnerability

Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-visual_studio_2022visual_studio_2019Microsoft Visual Studio 2022 version 17.8Microsoft Visual Studio 2022 version 17.10Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)Microsoft Visual Studio 2022 version 17.12Microsoft Visual Studio 2022 version 17.13
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-23355
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.14% / 3.93%
||
7 Day CHG~0.00%
Published-01 Oct, 2025 | 21:19
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Nsight Graphics for Windows contains a vulnerability in an ngfx component, where an attacker could cause a DLL highjacking attack. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and denial of service.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-nsight_graphicswindowsNsight Graphics
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-24039
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.3||HIGH
EPSS-0.70% / 48.72%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 17:58
Updated-13 Feb, 2026 | 19:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Visual Studio Code Elevation of Privilege Vulnerability

Visual Studio Code Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-visual_studio_codeVisual Studio Code
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-43722
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.22% / 12.05%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). Affected software does not properly secure a folder containing library files. This could allow an attacker to place a custom malicious DLL in this folder which is then run with SYSTEM rights when a service is started that requires this DLL. At the time of assigning the CVE, the affected firmware version of the component has already been superseded by succeeding mainline versions.

Action-Not Available
Vendor-Siemens AG
Product-sicam_pas\/pqsSICAM PAS/PQS
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-48225
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-0.20% / 9.84%
||
7 Day CHG~0.00%
Published-04 Apr, 2023 | 00:00
Updated-18 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. It is used to install drivers from several different vendors. The Gemalto Document Reader child installation process is vulnerable to DLL hijacking, because it attempts to execute (with elevated privileges) multiple non-existent DLLs out of a non-existent standard-user writable location.

Action-Not Available
Vendor-gbgplcn/a
Product-acuant_acufill_sdkn/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-4894
Matching Score-4
Assigner-HP Inc.
ShareView Details
Matching Score-4
Assigner-HP Inc.
CVSS Score-7.3||HIGH
EPSS-0.19% / 8.57%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 20:13
Updated-03 Aug, 2024 | 01:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element.

Action-Not Available
Vendor-SamsungHP Inc.
Product-7fq92a\#ab18af51a714z8a_firmwaress256h_firmwaress272q_firmwaress278ass395a_firmwaress388kst682a_firmwaress383f_firmwaress359ess150t8af50a_firmwaress211c_firmwaress213ess395c_firmwaress365g_firmware7fr04a\#ab1ss344b_firmwaress152a_firmwaress272c_firmwaress370a_firmware7gf50a\#ab1209u7ass196fss365j_firmwarest686css042d_firmwaress150p_firmwaress108j_firmwaress204ess103a_firmwarest690css272n_firmwaresv531ass404q3b0c3a\#ab1_firmwarest695b_firmware7gf55a\#ab1_firmwaress196g_firmwaress106j_firmwaress339fss204dss210j_firmwaress076sss076d_firmwaress342d_firmwaress229fss389z_firmwaress154a_firmwaress343e_firmwaress397q_firmwaress326est679h_firmwaress370ass256kst694ass357a_firmwaress150j_firmware6hu09a_firmwaress334ess352h_firmwaress365lss389z7gf53a\#ab1_firmwaress276bss341ass268a_firmwaress075bss150lss106lss327css272d_firmwarest688jss196f_firmwaress041jss075kss287a_firmwaress256tss383h_firmware3a9x2a\#301ss389mss396c_firmware715a6a715a3ass153f_firmwaress256n_firmwaress359hss105gss256p_firmwaress355a3a9x1a\#ab1ss210c_firmwaress378d_firmwaress271lss218h_firmwaress353ass229c_firmwaress335fss216v_firmwaress042fss153kss257l_firmwaress256m_firmwaress027lss272nss108k_firmwarest688g_firmwaress255c_firmwaress058b_firmwaress336a_firmwaress271ass042b_firmware7fq87a\#ab1ss076k3a9x3a\#ab1_firmware3b0c0a\#301_firmwaress107j_firmwaresw192a_firmwarest688e_firmware8pa11a\#301_firmwaress325ass350ass395mss058a_firmware4zb93ass076e_firmwaress150q_firmwaress205p_firmware7ab26a_firmwaress273b_firmwaress397lss369a_firmware7fq89a\#ab1_firmwaress349ass216hss150k_firmwaress383v4zb89ass058g_firmware3b0c9a\#304_firmwaress044jss204f_firmwaress280ass044k_firmwaress340c_firmwaress389gss369d_firmwaress275a_firmwaress334c_firmwaress384ass229ess389pss388fss395g_firmwaress383p_firmwaress335e_firmwarest687ass076l_firmwaress395pss058gss150bss398dss352mss352k_firmwaress385ass213gss272e_firmwaress348a_firmwaress216jss216q_firmwaress049dss033j3a9x3a\#ab1ss229gst682ast694dss236ass254css229f_firmwaress334d_firmwaress388lst688css368h_firmwaress216sss076w_firmwaress386fss359fss272f_firmwaress352ess257e_firmwaress105b_firmwaress218css353c_firmwaress392css365fss218j_firmwaress368css404jss398css229hss257c_firmwaress328a_firmwaress205l_firmwaress234ass382a_firmwaress210ass105dss365mss042bss033lss149a_firmwaress359h_firmwaress323ass195ass359kss198a_firmwaress384dss229j_firmwaress108ass229css218ass229h_firmwaress383q_firmware7fq92a\#ab1_firmwaress383a_firmwaress341a_firmwaress211k_firmwaress108f_firmwaress150t_firmwaress236a_firmwaress388f_firmwaress076d3b0c6a\#312_firmwaress150g7gf48a\#ab1_firmwaress195a_firmwaress237a_firmwaress075b_firmware715a1ass349c_firmwaress230q_firmware3b0c5a\#ab1ss368ess273bss254bss216k_firmware715a2a_firmwaress365d_firmwaress044bss257jst673a_firmwaress211j_firmwaress335a_firmwaress383uss389lss230f_firmwaress027k7gf54a\#ab1_firmwaress043gss076q2zn50a_firmwaress033l_firmwaress378fss212a_firmwaress211d_firmwaress389b_firmwaress210e_firmwaress104ass229e_firmwaress108h_firmwaress211jss108gss389h_firmwaress261ass393bss369bss326e_firmwaress343fss272bss353g_firmwaress076j3a9x4a\#ab1ss204jss218hss150css378dss076v_firmwaress383nss219e_firmwarest679b_firmwaress271p_firmwaress213a_firmware3b0c1a\#304ss272l_firmwaress211nss256a_firmwaress044b_firmwarest673dss395e_firmwarest682css033bss152css274ass232ass027f_firmwaress378e_firmwaress076q_firmwaress271q_firmwaress353h_firmware8pa10a\#301ss342ess353d_firmwaress352g_firmwaress369ass404h_firmwaress397kss340css259a4zb85a_firmwaress365gss107b_firmwaress394a_firmwaress230s_firmwaress210m_firmwaress216kss107n_firmwaress043b_firmware4zb79ass365k_firmwaress256f_firmwaress352gss383g_firmwaress327dst686b_firmware715a0a_firmwaress107h_firmwaress392a3a9x8a\#ab1_firmwaress380a_firmwaress349f_firmware4zb83ass218jss377h_firmwaress027jss075j_firmwaress359z_firmwaress150dss204n_firmwaress106h7fq88a\#ab1_firmwaress369ess334f_firmwaress216qss335gss396d_firmwarest693dst690c_firmwaress043j_firmwaress205h_firmwaress076css353dss197ass333ass377bst682b_firmwaress255ass230k_firmwaress150qss398f_firmwaress396hst688a_firmwaress276ass325a_firmwaress027k_firmware4zb87a_firmwaress359e_firmwaress404hst693d_firmwaress041ess058hss256nss106g_firmwaress033h_firmwaress211f_firmwaress216f_firmwaress359f_firmwaress205zst694a_firmwaress058css043d_firmwaress257nss205u3b0c6a\#312ss343g_firmwaress106jss395qss256e_firmware7fq93a\#ab1ss388e_firmwaress352n_firmwaress334dss216lss379ass389v_firmwaress107c_firmware7fq94a\#ab1st686h_firmwaress342a_firmwaress380b_firmwaress076k_firmwarest688bss383u_firmwaress404css379b_firmwaress044d_firmwaress377gss230zss204m_firmwaress271m_firmwaress353f_firmwaress059ess335b4zb96a_firmwaress106k_firmwaress218b_firmwarest693bss150f_firmwaress075d_firmware3a9x1a\#ab1_firmware9vv52a_firmwarest679a_firmware7fq88a\#ab1ss153b_firmwaress049n_firmwaress216p_firmwaress151ass257g_firmwaress256j_firmwaress107k_firmwaress153d_firmwaress383yss257bss404z4zb85ass272m_firmwaress335ess275bss383tss386d_firmwaress152b_firmwaress383z_firmwaress205lss336ass365c_firmwaress041a_firmwaress049m_firmware4zb92ass210m4zb96ass359q_firmwaress327a_firmwaress205f_firmware7fq97a\#ab1_firmwaress343a_firmwarest673ass105h_firmwaress209a_firmwaress213g_firmwaress076s_firmwaress383zst683d_firmwaress282css211h_firmwaress041fss211b3b0c8a\#ab1ss338ass105ess209ass352m_firmwaress254e_firmwaress397b_firmwaress230g_firmwaress230est684a_firmwaress205s_firmwaress033j_firmwaress383y_firmwaress105hw7u02a_firmwaress272a_firmwaress335d_firmwaress211gss368ass384b_firmwaress335f_firmwaress044j_firmware715a1a_firmwaress256l_firmware7fq99a\#ab1_firmwaress377fst683dss150c_firmwaress216gsv899d_firmwaress285a_firmwaress282b_firmwaress058ass404gss049nss150ass044ess105g_firmwaress396css390dss205t_firmwaress351ass389hst689a_firmwaress042css284a_firmwaress339a_firmwaress211hss398e_firmwaress359lss150b_firmwaress210jss386css230m_firmwaress368c_firmwaress272g7fr00a\#ab1ss235a_firmwaress395m_firmwarest695css353j_firmwaress152d_firmwaress397css041hss257a_firmwaress229a_firmwaress218gss230gss378a_firmwaress365jss272zss349c3b0d3a\#301ss255b_firmwaress059e_firmware1vr14a_firmwaress274a_firmwaress388j_firmwaress389dss272jss352q_firmwaress283ass216j_firmwaress272b_firmwaress339ess262a_firmwaress368a_firmwaress389e_firmwarest689ass044css059a_firmwaress404g_firmwaress041f_firmware6hu08ass330ass388l_firmwaress027fss257kss059d_firmwaress335dss378c\#304ss230a_firmwaress210css368d_firmwaress107mss369e_firmwaress058h_firmwaress390hss153gss404k_firmwaress342css339dss257m_firmwarest688h_firmwaress049f_firmware3b0c4a\#301_firmwaress257zss153css383wss041d_firmwaress076j_firmwaress219a_firmwaress266ass365c8af50asv899dss377g_firmwaress257j_firmwaress219a6hu10ass395d_firmwaress075css106sss199ass395hss211kss075d8af51a_firmware7fr00a\#ab1_firmwaress042g_firmwaress108d_firmwaress271bss044fss106ess397a_firmwaress205kss326css049c_firmwaress217ass352sss216m_firmwaress359zss211lss106tss388jss398esv899css404kss042a_firmwaress359n_firmwaress389u_firmware4zb95a3b0d1a\#ab1ss353fsw116bss076lss388css219css354ass398c_firmwarest695ass211b_firmwaress343c_firmwaress059c_firmwaress340ass076pss339e_firmwaress271nss233ass395s_firmwarest695c_firmware714z9a_firmwaress395kss043e_firmwaress210k_firmwaress368hss218e_firmwaress377e_firmware7uq76ass027d_firmwaress265a_firmware3b0d1a\#ab1_firmwarest686d_firmwaress254e715a5a_firmware7zb72a_firmwaress388b_firmwaress108c3b0c4a\#301ss033a_firmwaress352l_firmwaress390bss378gss391b_firmwaress105e_firmwaress058est679ass404z_firmwaress395l_firmwaress359dss327ast686fss205k_firmwaress106e_firmware4zb88a_firmwaress254c_firmwaress281ass277a7uq76a_firmwaress391ess324a_firmwaress076b_firmwaress397bss287b_firmwaress383x_firmwaress076tss196a_firmwaress075jss404dss153bss043l_firmwaress271c_firmwaress272hss076u_firmwaress377kss389q_firmware3b0c5a\#ab1_firmwaress254f_firmwaress383n_firmwaress230d_firmwaress390ess043c_firmwaress395lss230b_firmwaress204kss230pss276a_firmwaress395h_firmware7fq86a\#ab1_firmwarest688c_firmwaress359b_firmwaress353e_firmwaress365b6hu12a_firmwaress353hss343css216b_firmwaress365b_firmwaress391dss205nss205hss256d_firmwaress391c_firmwaress058f_firmwaress340dss332a_firmwaress254d_firmwaress356a_firmwaresw176bss044e_firmwaress339c_firmwaress204l6hu11ass380ass033g_firmwaress196dss106mss271kss216u_firmwaress216nss404l_firmwaress197a_firmware7zb20a_firmwaress348css271pss384a_firmwaress027ass108b_firmwaress256z_firmwaress218bss257dss230c_firmwaress279a2zn49a_firmwaress107qss204d_firmwarest679d_firmwaress393a_firmwaress027gst690d_firmwaress108a_firmware8pa14a\#302sv531a_firmwaress106d_firmwaress075a_firmwaress387a_firmwaress049bss257qss204h_firmware7fq90a\#ab1_firmwaress329ass076uss042dss388gss076hss255a_firmwaress398b_firmwaress330css075g_firmwaress404e_firmwaress102a_firmwaress281bss106fsv901b_firmwaress076ass275c_firmwaress108j715a3a_firmwaress288a6hu08a_firmwaress042a7gf51a\#ab1ss219f_firmwaress106n_firmwaress395dss210d715a6a_firmwaress404q_firmwaress211mss216d_firmware7fq98a\#ab1ss106css033fss195b_firmwaress377jss154ass367css383xss216a_firmwaress076bss334a_firmwarest693b_firmwaress106g8pa13a\#302ss256lss264a_firmwaress205css210g_firmwaress230h_firmwarest683bss106b_firmwaress390fss326dss213h_firmwaress211l_firmwaress027l_firmwaresw176a_firmwaress404b_firmwaress076xss327c_firmwaress027h_firmware8pa12a\#302_firmwaress271jss377p7fq91a\#ab1ss059g_firmwaress369dss271tss404e7fq94a\#ab1_firmwaress043dss343b_firmwaress386bss230p_firmwaress204c_firmwaress076ess383s_firmwaress404a_firmwaress342g_firmwaress365l_firmware7fq99a\#ab1ss256ass278a_firmwaress058jss353a_firmwaress353bss027g_firmwaress049k_firmwaress150a_firmwaress339gss265ass281b_firmwaress254dss075f_firmwaress256g_firmwaress041c_firmwaress383l_firmwaress107f_firmwaress105d_firmware4zb89a_firmwaress262ass331a_firmware3b0c0a\#301ss388k_firmwaress204bss058j_firmwaress107ast690bss153l_firmwarest694b_firmwaress383kss389s_firmware7gf47a\#ab1_firmwaress106zss271g_firmwaress378hss330c_firmwaress058fss276c_firmwaress359g_firmwaress258a_firmware8pa13a\#302_firmwarest686ass150h_firmwaress383bss267bss218ess106c_firmwaress218fss152bss377lss383qss076f_firmwaress397ass107g_firmwaress043kss033kss276b_firmwaress049e_firmwaress339g_firmwaress279a_firmwaress342fst686gss272f7fr03a\#ab1ss377nss396e_firmwarest683b_firmwaress033k_firmware7gf52a\#ab1_firmwaress359mss281a_firmwaress104a_firmwaress271dss395nss076mss391css275b_firmwaress342bss379a_firmwaress218a_firmwaress344a7fr04a\#ab1_firmwaress333a_firmwaress281css076t_firmwaress150n_firmwaress151bss330bss344b3b0c8a\#ab1_firmwaress352lss106f_firmware7zb25asv899c_firmwaress059bss059fss234a_firmwaress391ass348b_firmwaress348c_firmware6hu11a_firmwaress377j_firmwaress356ass027a_firmware7gf53a\#ab14zb79a_firmwaress256css395jss352f_firmwaress232a_firmware4zb90ass210n_firmware2zn49ass256jss049ess404pss049css383e_firmwarest688gss396bw7u01a_firmwaress368g_firmwaress257h_firmwaress272qss106nss230css027j_firmwaress329a_firmwaress044mss271k_firmwaress256q7gf50a\#ab1_firmwaress237bss342gss216g_firmwaress205d_firmwaress049lss254fss213e_firmwaress033mss397j_firmwaress349fss396h_firmwaress049a7zb21a_firmwaress205m_firmwaress107fss359c7fq97a\#ab1ss397h4zb95a_firmwaress359l_firmwaress335g_firmwaress044ass210d_firmwaress395bss044m_firmwaress377k_firmwaress106bss391bss339b_firmwaress322bss387ass271h_firmwaress386ass213hss076g_firmware8af49a_firmwaress404ast693a_firmwaress049jss352bst688hss042c_firmwaress043f_firmwaress336bss196h_firmwarest694d_firmwaress271e_firmwaress075k_firmwaress219b_firmwaress257ess205c_firmwaress272s_firmware7fq90a\#ab1ss261a_firmwaress108l_firmwaress352h4zb91ass075hss367ass271fss268bss263ass210f_firmwaress219fss398a_firmware8pa12a\#302ss380bss352b_firmwaress105jss286a_firmwaress389kss383gst695dss396ess027e3a9x8a\#ab1ss076m_firmwaress353b_firmwaress213c_firmwaress256mss042jss395sss365f_firmwaress210n7fq98a\#ab1_firmwaress349ess383hss381ass326d_firmwaress198ass267a_firmware7fr03a\#ab1_firmwaress218c_firmwaress272u_firmwaresw176ass230t_firmwaress049fss386e_firmwaress216l_firmwaress230j_firmwaress391e_firmwaress151a_firmware3b0c7a\#301_firmwaress389u7fq96a\#ab1_firmwaress257mss058dss393c_firmwarest686hss076vss256k_firmwarest679hss107dss390ass352a_firmwaress230nst686e_firmware8af52ass230z_firmwaress205fss388a_firmwaress041b_firmwaress211e_firmwaress150fss389n_firmwaress257p_firmwaress205qss404m_firmwaress383t_firmwaress359jss106p_firmwaress153ass343kss366ass342c_firmwaress218f_firmwaress396fss397p_firmwaress043h714z9ass352kss389t7fq86a\#ab1ss076h_firmwaress271d_firmwaress326bss392a_firmwaress396b_firmwaress230mst684ass335ass359gss268ass339f_firmwaress257q_firmwaress398fss283a_firmwaress404lss391fss378c\#304_firmwaress386a_firmwaress105j_firmwaress395n_firmwaress389g_firmwarest688dss211m_firmwaress383j_firmwaress352e_firmwaress339bss390d_firmwaress378b_firmwaress254g_firmware7gf54a\#ab1ss396g_firmwaress211ess367a_firmware7fr05a\#ab1_firmwaress395p_firmwaress027css277a_firmwaress353css328ass043a_firmwaress397pss284b_firmwaress150m4zb86ass332ass102ass389m_firmwaress204ass033ass108hss059b_firmwaress254a_firmwaress196hss326ass106m_firmwaress258ass280a_firmwaress359c_firmwaress359bss369c4zb84a_firmwaress387bss049d_firmwaress230n_firmwaress213d8af49a4zb90a_firmwaress336b_firmwaress353jss263bss272css379bst679f_firmwaress257d_firmware714z6a_firmwaress041g_firmwaress256c_firmwaress027dss396dst679fss367d_firmware4zb82ass042f_firmwaress219bss107bsw116b_firmware7gf52a\#ab1ss204m7zb72ass388ess044l_firmware7gf49a\#ab1ss216s_firmware3a9x2a\#301_firmwaresw176c_firmwaress365e_firmwaress330b_firmwaress150kss368fss340bss326c_firmwarest683c_firmwaress395ess229ass383jss106qss386f_firmwaress352a3a9x7a\#ab1_firmwaress059f_firmwaress377d_firmwarest688d_firmwaress342dss044kss150jss216n_firmwaress404fss386dss383mss233a_firmwarest688ass397g_firmwaress389p_firmwaress049kss076n_firmwaress395tss216bss153ess196b_firmwaress271b_firmwaress397mss076c_firmwaress384d_firmwaress150l_firmwaress340d_firmwaress334ass334b_firmwaress150nss076wss389j_firmwaress195bss330a_firmwaress365ess257n_firmwaress107lss334fss213f_firmwaress033c4zb83a_firmwaress059a7zb21a4zb94a_firmwaress058bsv901bss059jss263a_firmwarest695bss230lss349dss359nss044n_firmwaress106kss235ass323a_firmwaress107nss106a_firmwaress343dss271l_firmwaress216css153c_firmwaress041e_firmwaress369b_firmwarest679gss397jss383d_firmwaress288a_firmwaress391f_firmwaress380css106dss327bss049h_firmwaress106h_firmwaress322a7fq91a\#ab1_firmwaress272kss027e_firmwaress105f_firmware4zb94ass397d_firmwaress075h_firmwarest679dss216z7fq95a\#ab1ss237b_firmwaress389ass150d_firmwaress337a_firmwaress352f4zb81a_firmwaress398d_firmwaress271css230a4zb82a_firmwaress154bst690a_firmware7zb19a_firmwaress383v_firmwaress151b_firmwaress033d_firmwaress404f_firmwaress271a_firmwaress257k_firmwaress204psw192ast688f_firmwaress367e_firmwaress340a_firmwaress354a_firmwaress389t_firmwaress211ass384est673b_firmwaress152ass339d_firmwaress043ass204e_firmwaress383c7fr01a\#ab1ss219dss388h_firmwaress106q_firmwaress272lss377dss383pss377l_firmwaress033c_firmwaress343gss268b_firmwaress213ass229d_firmwaress392b_firmwaress365m_firmwarest695a_firmwaress196c4zb81ass211pst685ass322b_firmwaress273ass368e_firmwaress271hst693c_firmware4zb93a_firmwaress213css044f_firmwaress219d_firmwaress397l_firmwaress383ew7u02ass282a_firmwaress216fss075f6hu10a_firmwaress042e_firmwaress049l_firmwaress205g_firmwaress397fss256sss210gss397f_firmware8pa14a\#302_firmwaress027c_firmware4zb91a_firmwaress368f_firmwaress352pss216mss343jss390h_firmwaress404d_firmwaress284ass335b_firmwaress230bss059j_firmwaress271gss230h7gf51a\#ab1_firmware3b0c7a\#301ss150sss205sss365a_firmwaress353kss326b_firmwaress256b_firmwaress230fss377a_firmwaress059gss216pss199a_firmwarest673c_firmware2zn50ass213bss271f_firmwarest682bss153e_firmwaress044nss076gss367f_firmwaress027b_firmware7fr02a\#ab1ss377css204k_firmwaress205q_firmwaress353gss204nss257css383c_firmwaress359pss386c_firmwaress105ass076zss389vss256fst690b_firmwaress260ass271n_firmwaress343ass205bss033e_firmwaress393b_firmwaress272k_firmwaress378css404nss396a_firmwaresw112b_firmwaress368b_firmwaress383k_firmwarest673css389qss349e_firmware7gf49a\#ab1_firmwaress216u715a0ast688b_firmwaress377c_firmwaress349bss367b_firmwaress075e_firmwaress342f_firmwaress352dss328bss388bss213b_firmwaress334cst687a_firmwaress076z_firmwaress377b_firmwaress150ess331b_firmwaress353k_firmwaress210lss075gss390css395gss339ass395css272ess271sss042j_firmwaress385a_firmwaress256dss043bss389fss041h_firmwaress211p_firmwaress386ess033n3b0d3a\#301_firmwaress196c_firmwaress398g_firmwaress367bss255bss287ass049a_firmwaress263b_firmwaress388g_firmwarest673bss324ass271j_firmwaress044a_firmwaress367c_firmwaress044h_firmwaress153jss404mss272ass211g_firmwaress383fss230tss397k_firmwaress149ass389l_firmwaress229jss378h_firmware5ue14a_firmwarest685a_firmwarest686a_firmwarest694c_firmware7zb20ass349a_firmwaress205jss108fss359p_firmwaress108c_firmwaress353ess256q_firmwaress352jss106pss205mss107l_firmwarest683ess204j_firmwaress286ass396f_firmwaress384e_firmwaress271t_firmwaress359a3a9x7a\#ab1ss365ass393css257f_firmwaress042e715a5ass256h3a9x4a\#ab1_firmwaress389jss257l7gf48a\#ab1ss254ass260a_firmwaress027hst688ess365d7ab26ass217a_firmwaress272t_firmwaress153lss352c4zb87ass058c_firmwaress043fss339cst690dst686bss383sss256s_firmwaress204b_firmwaress272dss256pss395j_firmwaress219c_firmwaress359m_firmwaress105c_firmwaress398gss231ass107d_firmwaress377m_firmwaress033dss205a_firmware7fq87a\#ab1_firmwaress282c_firmwaress033m_firmwaress282ass281c_firmwarest673d_firmwaress108kss377ess107a_firmwaress395f_firmwaress043jss367dst682c_firmwaress229bss153fss105a_firmwaress395f7fq93a\#ab1_firmwaress335hss216z_firmwaress108lss338a_firmwaress271s_firmwaress107gss334e_firmwaress398bss378k4zb88ass204p_firmwaress205u_firmwaress272ust694bss381a_firmwaress049gss277b_firmwaress256t_firmwaress107hss153h_firmwaress350a_firmwaress272tss388ass391d_firmwaress388d_firmwaress043g_firmwaress390e_firmwaress397gss229g_firmwaress049b_firmware7fq96a\#ab1ss204hst679bst684b_firmwaress196gss076p_firmwaress213fss404c_firmwaress204gss210k4zb84ast679c_firmwaress368j_firmwaress393ass397nss196ass044g_firmware715a4ass150pss348bss041bss388h6hu09ass211n_firmwaress397n_firmwaress392c_firmwaress153g_firmware7fr05a\#ab1ss215ass276css044lss322a_firmwaress389f_firmwaress154b_firmwaress218g_firmwaress389nst679css331bss041gss106z_firmware1vr14ass352p_firmwaress383w_firmwaress389c_firmwarest690ass377f_firmwaress205e8af52a_firmware2ky38a_firmwarest683ass196e4zb80a_firmwarest684bss216t_firmwaress211f715a2ass378ess384css383dss043l7zb19ass033n_firmwaress044g7fq95a\#ab1_firmwaress196d_firmwaress397e_firmwaress396gss365kst686c_firmwaress230k3b0c1a\#304_firmwaress216tss322c_firmwaress272h_firmwaress027bss153d714z7ass380c_firmwaress152c_firmware4zb80ass272pss108g_firmware714z8ass272sss255css395t_firmwaress348ass108bsw112bss272z_firmwaress106l_firmwaress389sss404bss272j_firmwaress368jss389ess257gss367ess272g_firmwaress153a_firmwaress274b_firmwaress343hss404n_firmwaress256zss395a4zb86a_firmwaress343ess378j_firmwaress396ass398ass344a_firmwaress390gss352c_firmwaress359a_firmwaress103ass257pss041css204css378jss342e_firmwaress229b_firmware714z6ass388dss335css267ass340b_firmwaress284bss343bst694css256bsw176css204fss150e_firmwaress205z_firmwaress042gss205n_firmwaress351a_firmwaress204g_firmwaress343d_firmwaress152dss343h_firmwaress033f_firmwaress349d_firmwaress390a_firmwaress349b_firmwaress216dss230dss378g_firmwaress218k_firmware209u7a_firmwaress377n_firmwaress076a_firmwaress210l_firmwaress229dss377p_firmwaress404p_firmwaress377hss352d_firmwaress106t_firmwaress397qss230jss150hss230qss327b_firmwaress108e_firmwaress231a_firmwaress216ew7u01ass043k_firmwaress342b_firmwaress272m5ue15a_firmwaress322css328b_firmwarest683e_firmwaress377mss257hss254b_firmwaress196e_firmwaress389css153k_firmwaress150m_firmwaress216e_firmwaress388c_firmwaress205g2ky38ass210a_firmwaress150s_firmwaress389bss107e_firmwaress377ass365hss359j_firmware714z7a_firmwaress342ass259a_firmwaress153j_firmware7fq89a\#ab1ss335c_firmwaress205ass266a_firmwaress378c_firmwarest683a_firmware4zb92a_firmwarest695d_firmwaress397c_firmwaress275ass397ess049j_firmwaress395k_firmware3b0c9a\#304ss204a_firmwaress368gss041j_firmwaress044hss049g_firmwaress367fss397h_firmware5ue14ass212ass049hss107ess218kss392bss378k_firmwaress334b7fr01a\#ab1_firmwaress257z_firmwaress337ass230e_firmware4zb97ass076nss210ess394ass271ess205d7fr02a\#ab1_firmware9vv52ass282bss216vss274bss404j_firmware5ue15ass327d_firmwaress390b_firmwaress033gss205tss343f_firmwaress150g_firmwaress106ass075ess384c_firmwaress277bss210fss044dst683css211dsw176b_firmwaress216ass366a_firmwarest686f_firmwaress267b_firmwaress343k_firmwaress210bss395q_firmwaress041ass042h_firmwaress335h_firmwaress107m_firmwaress108ess058e_firmwarest679g_firmwaress378f_firmwaress108dss256ess210b_firmware7gf47a\#ab1715a4a_firmwaress264ass257f3b0c3a\#ab1ss359k_firmwarest693ass049mss210h_firmwaress033est686dss271qss059dss368bss213d_firmwaress343j_firmwaress230sss285ass205b_firmwaress042hss216c_firmwaress218d_firmwaress383b_firmwaress355a_firmwarest686g_firmwaress058d_firmwarest693css357ass257ass059css107kst679ess359qss205e_firmwarest688fss383ass397m_firmwaress331ass390f_firmwaress352s_firmwaress076x_firmwaress387b_firmwaress106s_firmwaress218dss211css075a7gf55a\#ab1ss352j_firmwaress230l_firmwaress378bss386b_firmwaress219ess271mss382ass383lss043c8pa10a\#301_firmwaress365h_firmwaress273a_firmwaress369c_firmwaress390g_firmwaress287bss033b_firmwaress389d_firmwarest688j_firmwaress153hss215a_firmwaress107q_firmwaress075c_firmwaress389k_firmwaress211a_firmwaress205pss378ass359d_firmwaress326a_firmwaress256gss216h_firmwaress257b_firmwaress275css107c7zb25a_firmwaress105bst686ess390c_firmwaress272p_firmwaress397dss076f4zb97a_firmwaress033hss352nss352qss105fss105css196b8pa11a\#301ss041dss368dst679e_firmwaress205j_firmwaress254gss384b6hu12ass107jss210hss043h_firmwaress391a_firmwaress043ess389a_firmwaress204l_firmwaress237ass395b_firmwaress383m_firmwaress044c_firmwareHP and Samsung Printer software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-16407
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-0.36% / 28.26%
||
7 Day CHG~0.00%
Published-02 Oct, 2019 | 18:11
Updated-05 Aug, 2024 | 01:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability.

Action-Not Available
Vendor-n/aJetBrains s.r.o.
Product-resharpern/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2017-20123
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.8||HIGH
EPSS-1.17% / 63.61%
||
7 Day CHG+0.17%
Published-30 Jun, 2022 | 05:05
Updated-15 Apr, 2025 | 14:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Viscosity DLL untrusted search path

A vulnerability was found in Viscosity 1.6.7. It has been classified as critical. This affects an unknown part of the component DLL Handler. The manipulation leads to untrusted search path. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.6.8 is able to address this issue. It is recommended to upgrade the affected component.

Action-Not Available
Vendor-sparklabsunspecifiedMicrosoft Corporation
Product-windowsviscosityViscosity
CWE ID-CWE-426
Untrusted Search Path
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-24423
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7||HIGH
EPSS-1.11% / 61.92%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 21:00
Updated-16 Sep, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Uncontrolled Search Path in Adobe Media Encoder for Windows

Adobe Media Encoder version 14.4 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Microsoft CorporationAdobe Inc.
Product-windowsmedia_encoderMedia Encoder
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-21206
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.3||HIGH
EPSS-0.65% / 46.46%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 17:58
Updated-13 Feb, 2026 | 19:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Visual Studio Installer Elevation of Privilege Vulnerability

Visual Studio Installer Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-visual_studio_2022visual_studio_2019visual_studio_2017Microsoft Visual Studio 2022 version 17.8Microsoft Visual Studio 2022 version 17.10Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)Microsoft Visual Studio 2022 version 17.12
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-21127
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-0.29% / 20.29%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 18:53
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Photoshop Desktop | Uncontrolled Search Path Element (CWE-427)

Photoshop Desktop versions 25.12, 26.1 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could lead to arbitrary code execution. An attacker could manipulate the search path environment variable to point to a malicious library, resulting in the execution of arbitrary code when the application loads. Exploitation of this issue requires user interaction in that a victim must run the vulnerable application.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-macosphotoshopwindowsPhotoshop Desktop
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-41796
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.20% / 10.53%
||
7 Day CHG~0.00%
Published-24 Oct, 2022 | 00:00
Updated-07 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Untrusted search path vulnerability in the installer of Content Transfer (for Windows) Ver.1.3 and prior allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

Action-Not Available
Vendor-Sony Group Corporation
Product-content_transferContent Transfer (for Windows)
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-24161
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.40% / 32.31%
||
7 Day CHG~0.00%
Published-03 Sep, 2020 | 16:10
Updated-04 Aug, 2024 | 15:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Guangzhou NetEase Mail Master 4.14.1.1004 on Windows has a DLL hijacking vulnerability. Attackers can use this vulnerability to execute malicious code.

Action-Not Available
Vendor-163n/a
Product-netease_mail_mastern/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-16154
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.71% / 49.12%
||
7 Day CHG~0.00%
Published-13 Dec, 2021 | 17:00
Updated-04 Aug, 2024 | 13:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass.

Action-Not Available
Vendor-app\n/aFedora Project
Product-\fedoran/a
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2013-0725
Matching Score-4
Assigner-Flexera Software LLC
ShareView Details
Matching Score-4
Assigner-Flexera Software LLC
CVSS Score-7.8||HIGH
EPSS-0.45% / 36.07%
||
7 Day CHG~0.00%
Published-30 Jan, 2020 | 13:03
Updated-06 Aug, 2024 | 14:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities

Action-Not Available
Vendor-hexagongeospatialERDAS
Product-erdas_er_viewerER Viewer
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-18173
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.47% / 37.42%
||
7 Day CHG~0.00%
Published-26 Jul, 2021 | 18:26
Updated-04 Aug, 2024 | 14:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A DLL injection vulnerability in 1password.dll of 1Password 7.3.712 allows attackers to execute arbitrary code.

Action-Not Available
Vendor-1passwordn/a
Product-1passwordn/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-15558
Matching Score-4
Assigner-Docker Inc.
ShareView Details
Matching Score-4
Assigner-Docker Inc.
CVSS Score-7||HIGH
EPSS-0.47% / 37.42%
||
7 Day CHG+0.04%
Published-04 Mar, 2026 | 16:14
Updated-30 Jun, 2026 | 12:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Docker Desktop Docker Plugins Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a victim user opens Docker Desktop or invokes Docker CLI plugin features, and allow privilege-escalation if the docker CLI is executed as a privileged user. This issue affects Docker CLI: through 29.1.5 and Windows binaries acting as a CLI-plugin manager using the github.com/docker/cli/cli-plugins/manager https://pkg.go.dev/github.com/docker/cli@v29.1.5+incompatible/cli-plugins/manager  package, such as Docker Compose. This issue does not impact non-Windows binaries, and projects not using the plugin-manager code.

Action-Not Available
Vendor-Microsoft CorporationDocker, Inc.Red Hat, Inc.
Product-command_line_interfacewindowsComposeDocker CLIRed Hat OpenShift AI (RHOAI)Red Hat OpenShift for Windows ContainersSecurity Profiles OperatorMulticluster Engine for KubernetesGatekeeper 3Kernel Module Management Operator for Red Hat OpenshiftMachine Deletion Remediation OperatorRed Hat OpenStack Platform 18.0Red Hat Quay 3Multicluster Global HubRed Hat OpenShift Container Platform 4Red Hat OpenShift GitOpsRed Hat Advanced Cluster Security 4Builds for Red Hat OpenShiftRed Hat OpenShift Virtualization 4Red Hat OpenStack Platform 16.2OpenShift PipelinesZero Trust Workload Identity ManagerAssisted Installer for Red Hat OpenShift Container Platform 2Red Hat OpenShift Dev SpacesRed Hat Trusted Artifact SignerRed Hat Advanced Cluster Management for Kubernetes 2Zero Trust Workload Identity Manager - Tech PreviewOpenShift Service Mesh 2Red Hat OpenStack Platform 17.1OpenShift ServerlessOpenShift Service Mesh 3
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-15657
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-7.8||HIGH
EPSS-0.35% / 27.31%
||
7 Day CHG~0.00%
Published-10 Aug, 2020 | 17:43
Updated-04 Aug, 2024 | 13:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.

Action-Not Available
Vendor-Mozilla CorporationMicrosoft Corporation
Product-firefoxwindowsthunderbirdfirefox_esrFirefoxFirefox ESRThunderbird
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-66476
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.8||HIGH
EPSS-0.44% / 35.22%
||
7 Day CHG+0.01%
Published-02 Dec, 2025 | 21:49
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Vim for Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability

Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves external commands by searching the current working directory before system paths. When Vim invokes tools such as findstr for :grep, external commands or filters via :!, or compiler/:make commands, it may inadvertently run a malicious executable present in the same directory as the file being edited. The issue affects Vim for Windows prior to version 9.1.1947.

Action-Not Available
Vendor-VimMicrosoft Corporation
Product-vimwindowsvim
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-13662
Matching Score-4
Assigner-Ivanti
ShareView Details
Matching Score-4
Assigner-Ivanti
CVSS Score-7.8||HIGH
EPSS-0.47% / 37.66%
||
7 Day CHG~0.00%
Published-09 Dec, 2025 | 16:05
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required.

Action-Not Available
Vendor-Ivanti Software
Product-endpoint_managerEndpoint Manager
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2023-41613
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.45% / 36.09%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 00:00
Updated-28 Aug, 2024 | 19:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

EzViz Studio v2.2.0 is vulnerable to DLL hijacking.

Action-Not Available
Vendor-ezvizn/aezvizMicrosoft Corporation
Product-ezviz_studiowindowsn/aezviz_studio
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2017-20018
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.60% / 44.10%
||
7 Day CHG~0.00%
Published-09 Jun, 2022 | 22:35
Updated-15 Apr, 2025 | 14:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
XAMPP Installer uncontrolled search path

A vulnerability was found in XAMPP 7.1.1-0-VC14. It has been classified as problematic. Affected is an unknown function of the component Installer. The manipulation leads to privilege escalation. It is possible to launch the attack remotely.

Action-Not Available
Vendor-unspecifiedApache Friends
Product-xamppXAMPP
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-11223
Matching Score-4
Assigner-Panasonic Holdings Corporation
ShareView Details
Matching Score-4
Assigner-Panasonic Holdings Corporation
CVSS Score-8.4||HIGH
EPSS-0.15% / 4.67%
||
7 Day CHG~0.00%
Published-03 Oct, 2025 | 08:02
Updated-06 Oct, 2025 | 14:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Installer of Panasonic AutoDownloader version 1.2.8 contains an issue with the DLL search path, which may lead to loading a crafted DLL file in the same directory.

Action-Not Available
Vendor-Panasonic
Product-AutoDownloader
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-37340
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.18% / 8.07%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) QAT drivers for Windows before version 1.6 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT drivers for Windows
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-10213
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
ShareView Details
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
CVSS Score-7||HIGH
EPSS-0.16% / 5.29%
||
7 Day CHG~0.00%
Published-10 Sep, 2025 | 11:38
Updated-29 Jan, 2026 | 01:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DLL search path hijacking vulnerability

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a dxtn.dll file of their choice in the 'C:\Users\<user>\AppData\Local\Microsoft\WindowsApps\' directory, which could lead to arbitrary code execution and persistence.

Action-Not Available
Vendor-updfUPDF
Product-updfUPDF
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-10215
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
ShareView Details
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
CVSS Score-7||HIGH
EPSS-0.16% / 5.29%
||
7 Day CHG~0.00%
Published-10 Sep, 2025 | 11:39
Updated-20 Jan, 2026 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DLL search path hijacking vulnerability

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\Public\AppData\Local\UPDF\FREngine\Bin64\' directory, which could lead to arbitrary code execution and persistence.

Action-Not Available
Vendor-updfUPDF
Product-updfUPDF
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-17093
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.57% / 43.00%
||
7 Day CHG~0.00%
Published-23 Oct, 2019 | 16:59
Updated-05 Aug, 2024 | 01:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Avast antivirus before 19.8 and AVG antivirus before 19.8. A DLL Preloading vulnerability allows an attacker to implant %WINDIR%\system32\wbemcomn.dll, which is loaded into a protected-light process (PPL) and might bypass some of the self-defense mechanisms. This affects all components that use WMI, e.g., AVGSvc.exe 19.6.4546.0 and TuneupSmartScan.dll 19.1.884.0.

Action-Not Available
Vendor-avastavgn/a
Product-anti-virusantivirusn/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-38136
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.19% / 9.37%
||
7 Day CHG~0.00%
Published-06 Feb, 2023 | 18:58
Updated-27 Jan, 2025 | 18:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) oneAPI DPC++/C++ Compiler for Windows and Intel Fortran Compiler for Windows before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-oneapi_dpc\+\+\/c\+\+_compilerIntel(R) oneAPI DPC++/C++ Compiler for Windows and Intel® Fortran Compiler for Windows before version 2022.2.1 for some Intel(R) oneAPI Toolkits
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-10198
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-7.8||HIGH
EPSS-0.21% / 11.30%
||
7 Day CHG~0.00%
Published-09 Sep, 2025 | 17:28
Updated-20 Jan, 2026 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
LizardBytes Sunshine for Windows contains a DLL search-order hijacking vulnerability

Sunshine for Windows, version v2025.122.141614, contains a DLL search-order hijacking vulnerability, allowing attackers to insert a malicious DLL in user-writeable PATH directories.

Action-Not Available
Vendor-lizardbyteLizardByteMicrosoft Corporation
Product-sunshinewindowsSunshine for Windows
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-10214
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
ShareView Details
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
CVSS Score-7||HIGH
EPSS-0.16% / 5.29%
||
7 Day CHG~0.00%
Published-10 Sep, 2025 | 11:39
Updated-29 Jan, 2026 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DLL search path hijacking vulnerability

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\<user>\AppData\Local\UPDF\FREngine\Bin64\' directory, which could lead to arbitrary code execution and persistence.

Action-Not Available
Vendor-updfUPDF
Product-updfUPDF
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-1736
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.2||MEDIUM
EPSS-0.25% / 15.82%
||
7 Day CHG~0.00%
Published-23 Sep, 2020 | 00:26
Updated-13 Nov, 2024 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple Cisco UCS-Based Products UEFI Secure Boot Bypass Vulnerability

A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot validation checks and load a compromised software image on an affected device. The vulnerability is due to improper validation of the server firmware upgrade images. An attacker could exploit this vulnerability by installing a server firmware version that would allow the attacker to disable UEFI Secure Boot. A successful exploit could allow the attacker to bypass the signature validation checks that are done by UEFI Secure Boot technology and load a compromised software image on the affected device. A compromised software image is any software image that has not been digitally signed by Cisco.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sns-3615-k9_biosfmc2500-k9_firmwaresns-3515-k9_biosfmc4500-k9_biostg5004-k9-rf_biosfmc2500-k9_biossns-3595-k9_firmwarefmc1000-k9_firmwaretg5004-k9_biostg5004-k9-rf_firmwarefmc1000-k9_biostg5004-k9_firmwarefmc4500-k9_firmwaresns-3695-k9_firmwaresns-3655-k9_biossns-3615-k9_firmwaresns-3655-k9_firmwaresns-3515-k9_firmwareunified_computing_systemsns-3695-k9_biossns-3595-k9_biosidentity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2022-37329
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.18% / 7.91%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro and Standard Edition software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-fpga_software_development_kitquartus_primeIntel(R) Quartus(R) Prime Pro and Standard Edition software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-38395
Matching Score-4
Assigner-HP Inc.
ShareView Details
Matching Score-4
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-2.80% / 84.73%
||
7 Day CHG~0.00%
Published-18 Nov, 2022 | 20:52
Updated-29 Apr, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. HP Support Assistant uses Fusion to launch HP Performance Tune-up. It is possible for an attacker to exploit the DLL hijacking vulnerability and elevate privileges when Fusion launches the HP Performance Tune-up.

Action-Not Available
Vendor-HP Inc.
Product-fusionsupport_assistantHP Support Assistant
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-36271
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.55% / 41.97%
||
7 Day CHG~0.00%
Published-07 Sep, 2022 | 13:46
Updated-03 Aug, 2024 | 10:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Outbyte PC Repair Installation File 1.7.112.7856 is vulnerable to Dll Hijacking. iertutil.dll is missing so an attacker can use a malicious dll with same name and can get admin privileges.

Action-Not Available
Vendor-outbyten/a
Product-pc_repairn/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-36415
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.21% / 11.46%
||
7 Day CHG~0.00%
Published-23 Jul, 2022 | 02:32
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A DLL hijacking vulnerability exists in the uninstaller in Scooter Beyond Compare 1.8a through 4.4.2 before 4.4.3 when installed via the EXE installer. The uninstaller attempts to load DLLs out of a Windows Temp folder. If a standard user places malicious DLLs in the C:\Windows\Temp\ folder, and then the uninstaller is run as SYSTEM, the DLLs will execute with elevated privileges.

Action-Not Available
Vendor-scootersoftwaren/a
Product-beyond_comparen/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-36380
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.17% / 6.55%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:49
Updated-04 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc5ppyhnuc_kit_nuc6caysnuc_kit_wireless_adapter_driver_installernuc_kit_nuc5pgyhnuc_kit_nuc6cayhnuc_board_nuc8cchbnuc_8_rugged_kit_nuc8cchkrIntel(r) NUC Kit Wireless Adapter drivers for Windows 10
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-7834
Matching Score-4
Assigner-cirosec GmbH
ShareView Details
Matching Score-4
Assigner-cirosec GmbH
CVSS Score-7.8||HIGH
EPSS-0.30% / 21.73%
||
7 Day CHG~0.00%
Published-04 Sep, 2024 | 12:35
Updated-05 Sep, 2024 | 17:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local privilege escalation in Overwolf

A local privilege escalation is caused by Overwolf loading and executing certain dynamic link library files from a user-writeable folder in SYSTEM context on launch. This allows an attacker with unprivileged access to the system to run arbitrary code with SYSTEM privileges by placing a malicious .dll file in the respective location.

Action-Not Available
Vendor-overwolfOverwolfoverwolf
Product-overwolfOverwolfoverwolf
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-36840
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-4.5||MEDIUM
EPSS-0.18% / 7.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 15:18
Updated-03 Aug, 2024 | 10:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DLL hijacking vulnerability in Samsung Update Setup prior to version 2.2.9.50 allows attackers to execute arbitrary code.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-updateSamsung Update Setup
CWE ID-CWE-427
Uncontrolled Search Path Element
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 9
  • 10
  • Next
Details not found