Tfhm

#9472of 53,622
29.2Total CVSS
Vulnerabilities · 4
Medium
2
High
2
PT-2024-16003
6.8
2024-10-17
Opensight · Flashfxp · CVE-2024-10068
**Name of the Vulnerable Software and Affected Versions** OpenSight Software FlashFXP version 5.4.0.3970 **Description** A critical issue was found in the library libcrypto-1 1.dll of the file FlashFXP.exe, affecting an unknown function. This leads to uncontrolled search path manipulation. The attack must be approached locally, and the exploit has been disclosed to the public. The vendor was contacted about this disclosure but did not respond. **Recommendations** As a temporary workaround, consider restricting access to the library libcrypto-1 1.dll to minimize the risk of exploitation. Review file permissions to mitigate the risk of local exploit. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2024-38659
6.8
2024-08-16
Scooter · Beyond Compare · CVE-2024-7886
**Name of the Vulnerable Software and Affected Versions** Scooter Software Beyond Compare versions up to 3.3.5.15075 **Description** A critical issue has been found in the library 7zxa.dll, affecting an unknown functionality. The manipulation leads to an uncontrolled search path. Local attack is required to exploit this issue. The existence of this issue is still disputed. The vendor states that a system must be breached before this issue can be exploited and does not plan to make any changes to address it. **Recommendations** For versions up to 3.3.5.15075, at the moment, there is no information about a newer version that contains a fix for this issue.
PT-2023-32802
7.8
2023-12-17
Peazip · Peazip · CVE-2023-6891
**Name of the Vulnerable Software and Affected Versions** PeaZip versions 9.4.0 **Description** A vulnerability has been found in the library dragdropfilesdll.dll of the component Library Handler, leading to uncontrolled search path. The manipulation can be exploited locally. Upgrading to version 9.6.0 is able to address this issue. **Recommendations** For PeaZip version 9.4.0, upgrade to version 9.6.0 to address the issue. As a temporary workaround, consider restricting access to the `dragdropfilesdll.dll` library until the update is applied.
PT-2023-32639
7.8
2023-11-30
Notepad++ · Notepad++ · CVE-2023-6401
**Name of the Vulnerable Software and Affected Versions** NotePad++ versions up to 8.1 **Description** A problematic issue was found in NotePad++, affecting an unknown functionality of the file dbghelp.exe. This leads to an uncontrolled search path. The issue can be exploited locally. **Recommendations** For versions up to 8.1, at the moment, there is no information about a newer version that contains a fix for this issue.