Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    3 vulnerabilities by Glarysoft Ltd.

    CVE-2018-0619 (GCVE-0-2018-0619)

    Vulnerability from cvelistv5 – Published: 2018-07-26 17:00 – Updated: 2024-08-05 03:28
    VLAI
    Summary
    Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
    Severity
    No CVSS data available.
    CWE
    • Untrusted search path vulnerability
    Assigner
    References
    URL Tags
    http://jvn.jp/en/jp/JVN84967039/index.html third-party-advisoryx_refsource_JVN
    Impacted products
    Vendor Product Version
    Glarysoft Ltd. Installer of Glary Utilities Affected: Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier
    Create a notification for this product.
    Date Public
    2018-07-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:28:11.200Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#84967039",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN84967039/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Installer of Glary Utilities",
              "vendor": "Glarysoft Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2018-07-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Untrusted search path vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-07-26T16:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#84967039",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN84967039/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2018-0619",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Installer of Glary Utilities",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Glarysoft Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Untrusted search path vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#84967039",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN84967039/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2018-0619",
        "datePublished": "2018-07-26T17:00:00.000Z",
        "dateReserved": "2017-11-27T00:00:00.000Z",
        "dateUpdated": "2024-08-05T03:28:11.200Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-0619 (GCVE-0-2018-0619)

    Vulnerability from nvd – Published: 2018-07-26 17:00 – Updated: 2024-08-05 03:28
    VLAI
    Summary
    Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
    Severity
    No CVSS data available.
    CWE
    • Untrusted search path vulnerability
    Assigner
    References
    URL Tags
    http://jvn.jp/en/jp/JVN84967039/index.html third-party-advisoryx_refsource_JVN
    Impacted products
    Vendor Product Version
    Glarysoft Ltd. Installer of Glary Utilities Affected: Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier
    Create a notification for this product.
    Date Public
    2018-07-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:28:11.200Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#84967039",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN84967039/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Installer of Glary Utilities",
              "vendor": "Glarysoft Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2018-07-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Untrusted search path vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-07-26T16:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#84967039",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN84967039/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2018-0619",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Installer of Glary Utilities",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Glarysoft Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Untrusted search path vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#84967039",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN84967039/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2018-0619",
        "datePublished": "2018-07-26T17:00:00.000Z",
        "dateReserved": "2017-11-27T00:00:00.000Z",
        "dateUpdated": "2024-08-05T03:28:11.200Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    JVNDB-2018-000070

    Vulnerability from jvndb - Published: 2018-07-03 13:42 - Updated:2019-07-05 17:52
    Severity
    Summary
    Installer of Glary Utilities may insecurely load Dynamic Link Libraries
    Details
    Installer of Glary Utilities provided by Glarysoft Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). Eili Masami reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000070.html",
      "dc:date": "2019-07-05T17:52+09:00",
      "dcterms:issued": "2018-07-03T13:42+09:00",
      "dcterms:modified": "2019-07-05T17:52+09:00",
      "description": "Installer of Glary Utilities provided by Glarysoft Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).\r\n\r\nEili Masami reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000070.html",
      "sec:cpe": {
        "#text": "cpe:/a:glarysoft:glary_utilities",
        "@product": "Glary Utilities",
        "@vendor": "Glarysoft Ltd.",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "6.8",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "@version": "2.0"
        },
        {
          "@score": "7.8",
          "@severity": "High",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2018-000070",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN84967039/index.html",
          "@id": "JVN#84967039",
          "@source": "JVN"
        },
        {
          "#text": "https://jvn.jp/en/ta/JVNTA91240916/index.html",
          "@id": "JVNTA#91240916",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0619",
          "@id": "CVE-2018-0619",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-0619",
          "@id": "CVE-2018-0619",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Installer of Glary Utilities may insecurely load Dynamic Link Libraries"
    }