Lucene search
+L

12662 matches found

NCSC
NCSC
added yesterday9 views

Vulnerabilities in SAP-products

SAP has identified vulnerabilities in the following SAP NetWeaver Application Server ABAP, SAP Approuter, SAP Commerce Cloud, SAP NetWeaver Application Server Java, SAProuter, SAP Change and Transport System Attach Tool, SAP NetWeaver Enterprise Portal, SAP S/4HANA modules, SAP Fiori Launchpad, S...

9.9CVSS7.1AI score0.01339EPSS
Exploits7References1
NVD
NVD
added yesterday9 views

CVE-2026-21770

HCL Traveler for Microsoft Outlook HTMO is susceptible to a DLL hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content...

6.5CVSS0.00111EPSS
Exploits0References1
Nuclei
Nuclei
added yesterday14 views

Arcserve Unified Data Protection - Unauthenticated DoS in ASNative.dll

A denial of service vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in ASNative.dll. id: CVE-2024-0801 info: name: Arcserve Unified Data Protection - Unauthenticated DoS in ASNative.dll author: daffainfo severity: high description: | A denial of service vulnerability exists i...

7.5CVSS7.5AI score0.41843EPSS
Exploits1References2
CVE
CVE
added yesterday14 views

CVE-2026-21770

CVE-2026-21770 affects HCL Traveler for Microsoft Outlook (HTMO). The vulnerability is described as a DLL hijacking issue that could allow an attacker to modify or replace HTMO with malicious content. Per the provided metrics, exploitability is Local with LOW complexity, but HIGH privileges are r...

6.5CVSS6.1AI score0.00111EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday26 views

CVE-2026-21770 HCL Traveler for Microsoft Outlook (HTMO) is susceptible to DLL hijacking

HCL Traveler for Microsoft Outlook HTMO is susceptible to a DLL hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content...

6.5CVSS0.00111EPSS
Exploits0References1
NVD
NVD
added 4 days ago7 views

CVE-2026-58547

Heap-based buffer overflow in Universal Plug and Play upnp.dll allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00353EPSS
Exploits0References1
NVD
NVD
added 4 days ago3 views

CVE-2026-50491

Out-of-bounds read in Code Integrity DLL ci.dll allows an authorized attacker to elevate privileges locally...

7CVSS0.00252EPSS
Exploits0References1
CVE
CVE
added 4 days ago5 views

CVE-2026-50491

The CVE-2026-50491 entry documents an out-of-bounds read in the Code Integrity DLL (ci.dll) that enables an authorized local attacker to achieve Elevation of Privileges. Affected component: Windows Code Integrity mechanism (ci.dll). Root cause: out-of-bounds read in ci.dll leading to privilege es...

7CVSS6AI score0.00252EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago23 views

CVE-2026-49180 Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability

...

5.5CVSS0.00273EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 4 days ago7 views

Code Integrity DLL (ci.dll) Elevation of Privilege Vulnerability

Out-of-bounds read in Code Integrity DLL ci.dll allows an authorized attacker to elevate privileges locally...

7CVSS6.1AI score0.00252EPSS
Exploits0
CVE
CVE
added 4 days ago15 views

CVE-2026-0487

CVE-2026-0487 concerns SAProuter on Microsoft Windows, where an unauthenticated attacker can load DLLs from an untrusted location, enabling arbitrary code execution through DLL hijacking. The root cause is improper DLL loading behavior that can be hijacked to execute malicious code, impacting con...

8.4CVSS6.4AI score0.00148EPSS
Exploits0References2
Cvelist
Cvelist
added 4 days ago28 views

CVE-2026-0487 DLL Hijacking vulnerability in SAProuter on Microsoft Windows

SAProuter on Microsoft Windows allows an unauthenticated attacker to load library DLL files from an untrusted location, allowing them to execute malicious code on the system. This could enable the attacker to hijack the DLL loading process and achieve arbitrary code execution. This has high impac...

8.4CVSS0.00148EPSS
Exploits0References2
Metasploit
Metasploit
added 2026/07/10 7:2 p.m.25 views

FTP Fetch, Reverse All-Port TCP Stager

Fetch and execute an x86 payload from an FTP server. Try to connect back to the attacker, on all possible ports 1-65535, slowly Module Options...

6.2AI score
Exploits0
CVE
CVE
added 2026/07/08 4:38 a.m.9 views

CVE-2026-56437

The CVE-2026-56437 issue affects Pupsman versions prior to 3.9.0. An Uncontrolled search path element allows arbitrary code execution with SYSTEM privileges if a crafted DLL is placed in the same folder as the affected installer and the installer is executed. No exploitation details or fixes are ...

8.4CVSS7.2AI score0.00134EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/08 4:38 a.m.34 views

CVE-2026-56437

Uncontrolled search path element issue exists in Pupsman versions prior to 3.9.0. If a crafted DLL file is placed in the same folder as the affected installer and the installer is executed, arbitrary code may be executed with SYSTEM privilege...

8.4CVSS0.00134EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2026/07/06 10:58 a.m.16 views

Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRAT

A suspected China-nexus threat activity cluster has been observed targeting Indian taxpayers, tax professionals, and corporate finance teams to deliver a remote access trojan designed to steal sensitive data from compromised hosts. The multi-stage campaign, codenamed Operation DragonReturn by...

6.2AI score
Exploits0
CVE
CVE
added 2026/07/02 12:0 a.m.20 views

CVE-2026-38972

Notepad3 versions up to 6.25.822.1 are vulnerable to a DLL search-order hijack in the About-dialog code path (src/Notepad3.c). The application loads MSFTEDIT.DLL via LoadLibrary with a bare DLL name, enabling a local attacker to place a malicious MSFTEDIT.DLL in the application directory or anoth...

7.8CVSS6.4AI score0.00149EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/07/02 12:0 a.m.3 views

CVE-2026-38972

Notepad3 through 6.25.822.1 contains a DLL search-order hijacking vulnerability in the About-dialog code path in src/Notepad3.c. The application calls LoadLibraryL"MSFTEDIT.DLL" with a bare DLL name, which allows a local attacker to place a malicious MSFTEDIT.DLL in the application directory or...

7.8CVSS6.6AI score0.00149EPSS
Exploits1References5
NVD
NVD
added 2026/07/01 7:16 p.m.7 views

CVE-2026-51947

An issue in Pivotal CRM 6.6.4.08 and systems using patch-ghi-15381-cwe-502-20251225.zip fixed in Pivotal CRM 6.6.5.10 and PatchCWE50220260316.zip allows a remote attacker to execute arbitrary code via the Pivotal.Engine.Client.Services.Conversion.dll component. NOTE: this issue exists because of ...

9.8CVSS0.0113EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.9 views

CVE-2026-58126

PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote attackers to read and write arbitrary files by exploiting an exposed .NET Remoting TCP service on port 22222 via PGImageExchQueue.exe without any authentication requirement. Attackers can...

9.8CVSS0.00963EPSS
Exploits1References3
Rows per page
Query Builder