Search Results (2570 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-36291 2026-04-15 6.7 Medium
Uncontrolled search path for some Intel(R) Chipset Software Installation Utility before version 10.1.19867.8574 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-36283 2026-04-15 6.7 Medium
Uncontrolled search path for the Intel(R) Thread Director Visualizer software before version 1.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-21766 1 Intel 1 Oneapi Math Kernel Library 2026-04-15 6.7 Medium
Uncontrolled search path for some Intel(R) oneAPI Math Kernel Library software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-21769 1 Intel 1 Ethernet Complete Driver Pack 2026-04-15 6.7 Medium
Uncontrolled search path in some Intel(R) Ethernet Connection I219-LM install software may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-21774 2026-04-15 6.7 Medium
Uncontrolled search path in some Intel(R) Processor Identification Utility software before versions 6.10.34.1129, 7.1.6 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-36280 1 Intel 1 High Level Synthesis Compiler 2026-04-15 6.7 Medium
Uncontrolled search path for some Intel(R) High Level Synthesis Compiler software before version 24.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-33582 1 Lenovo 1 Service Framework 2026-04-15 7.8 High
A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges.
CVE-2024-21818 2026-04-15 6.7 Medium
Uncontrolled search path in some Intel(R) PCM software before version 202311 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-21830 2026-04-15 6.7 Medium
Uncontrolled search path in some Intel(R) VPL software before version 2023.4.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-33581 1 Lenovo 1 Pcmanager 2026-04-15 7.8 High
A DLL hijack vulnerability was reported in Lenovo PC Manager AI intelligent scenario that could allow a local attacker to execute code with elevated privileges.
CVE-2024-21857 1 Intel 1 Oneapi Compiler Software 2026-04-15 6.7 Medium
Uncontrolled search path for some Intel(R) oneAPI Compiler software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-21922 1 Amd 1 Storemi 2026-04-15 7.3 High
A DLL hijacking vulnerability in AMD StoreMIā„¢ could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
CVE-2024-21923 1 Amd 1 Storemi 2026-04-15 7.3 High
Incorrect default permissions in AMD StoreMIā„¢ could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
CVE-2024-22437 2026-04-15 7.3 High
A potential security vulnerability has been identified in VSS Provider and CAPI Proxy software for certain HPE MSA storage products. This vulnerability could be exploited to gain elevated privilege on the system.
CVE-2024-33580 1 Lenovo 1 Personal Cloud 2026-04-15 7.8 High
A DLL hijack vulnerability was reported in Lenovo Personal Cloud that could allow a local attacker to execute code with elevated privileges.
CVE-2024-33579 1 Lenovo 1 Baiying 2026-04-15 7.8 High
A DLL hijack vulnerability was reported in Lenovo Baiying that could allow a local attacker to execute code with elevated privileges.
CVE-2024-33578 1 Lenovo 1 Leyun 2026-04-15 7.8 High
A DLL hijack vulnerability was reported in Lenovo Leyun that could allow a local attacker to execute code with elevated privileges.
CVE-2024-32019 1 Netdata 1 Netdata 2026-04-15 8.8 High
Netdata is an open source observability tool. In affected versions the `ndsudo` tool shipped with affected versions of the Netdata Agent allows an attacker to run arbitrary programs with root permissions. The `ndsudo` tool is packaged as a `root`-owned executable with the SUID bit set. It only runs a restricted set of external commands, but its search paths are supplied by the `PATH` environment variable. This allows an attacker to control where `ndsudo` looks for these commands, which may be a path the attacker has write access to. This may lead to local privilege escalation. This vulnerability has been addressed in versions 1.45.3 and 1.45.2-169. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-24852 1 Intel 1 Ethernet Adapter Complete Driver Pack 2026-04-15 6.7 Medium
Uncontrolled search path in some Intel(R) Ethernet Adapter Complete Driver Pack install before versions 29.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-2730 1 Mautic 1 Mautic 2026-04-15 5.3 Medium
Mautic uses predictable page indices for unpublished landing pages, their content can be accessed by unauthenticated users under public preview URLs which could expose sensitive data. At the time of publication of the CVE no patch is available