Lucene search
+L

41 matches found

Mozilla
Mozilla
added 2020/07/28 12:0 a.m.65 views

Security Vulnerabilities fixed in Firefox ESR 78.1 — Mozilla

By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. WebRTC used the memory address of a class instance as a connection identifier. Unfortunately, this value is...

9.3CVSS1.4AI score0.0779EPSS
Exploits6References10Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2019/02/28 12:0 a.m.121 views

JVN#69181574: Windows 7 may insecurely load Dynamic Link Libraries

In standard DLL files provided by Windows 7, there are some DLL files read from the same directory where the program resides when executing the program CWE-427. Microsoft states that the root cause of this vulnerability is "Application Directory App Dir DLL planting" , thus there is no plan to...

7.8CVSS7.7AI score0.04605EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/07/06 5:36 a.m.6 views

The installers of multiple Logicool software programs may insecurely load Dynamic Link Libraries

Overview The installers of multiple software programs provided by Logicool Co. Ltd contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427 . Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinat...

7.8CVSS7.1AI score0.00882EPSS
Exploits0References8
Kaspersky
Kaspersky
added 2018/04/19 12:0 a.m.571 views

KLA11237 Multiple vulnerabilities in Foxit Reader and Foxit PhantomPDF

Multiple serious vulnerabilities have been found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service and execute arbitrary code. Below is a complete list of vulnerabilities: 1. An unsafe DLL loading...

8.8CVSS9.2AI score0.24033EPSS
Exploits12References4
CNVD
CNVD
added 2017/09/22 12:0 a.m.4 views

Cisco FindIT Network Discovery Utility Code Execution Vulnerability

Cisco FindIT Network Discovery Utility is a network device manager from Cisco USA. The product provides management functions for Cisco network devices. A security vulnerability exists in the Cisco FindIT Network Discovery Utility. A local attacker can exploit this vulnerability by placing an...

7.8CVSS6.6AI score0.00356EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/30 6:10 a.m.6 views

Installer of "Remote Support Tool (Enkaku Support Tool)" may insecurely load Dynamic Link Libraries

Overview Installer of "Remote Support Tool Enkaku Support Tool" provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION and NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili...

9.3CVSS6.8AI score0.01231EPSS
Exploits0References7
Prion
Prion
added 2017/04/12 2:59 p.m.22 views

Code injection

Microsoft OneNote 2007 SP3 and Microsoft OneNote 2010 SP2 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office DLL Loading Vulnerability."...

9.3CVSS7.7AI score0.19075EPSS
Exploits2References4Affected Software1
CVE
CVE
added 2017/04/12 2:0 p.m.110 views

CVE-2017-0197

CVE-2017-0197 affects Microsoft OneNote 2007 SP3 and OneNote 2010 SP2. A DLL loading remote code execution vulnerability exists: an attacker can cause arbitrary code execution by convincing a user to open a specially crafted OneNote document. The issue is triggered by improper DLL loading validat...

9.3CVSS7.6AI score0.19075EPSS
Exploits2References4Affected Software1
VMware
VMware
added 2017/03/07 12:0 a.m.509 views

VMSA-2017-0003:VMware Workstation update addresses multiple security issues

VMSA-2017-0003 VMware Workstation update addresses multiple security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2017-0003 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware Workstation update addresses multiple security issues...

8.8CVSS5.8AI score0.00393EPSS
Exploits0References6Affected Software2
CNVD
CNVD
added 2017/03/02 12:0 a.m.5 views

Rapid7 Metasploit Pro DLL Loading Remote Code Execution Vulnerability

Metasploit Pro is a powerful guided penetration testing platform. A DLL loading remote code execution vulnerability exists in Rapid7 Metasploit Pro prior version 4.13.0-2017022101, which can be exploited by a remote attacker to execute arbitrary code in the context of an affected application...

7.8CVSS8.4AI score0.00911EPSS
Exploits0References1
Prion
Prion
added 2016/02/10 11:59 a.m.25 views

Remote code execution

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "Windows DLL Loading Remote...

7.2CVSS7.5AI score0.05651EPSS
Exploits0References2Affected Software3
CNVD
CNVD
added 2016/01/15 12:0 a.m.4 views

Microsoft Windows Elevation of Privilege Vulnerability (CNVD-2016-00282)

Microsoft Windows is a series of operating systems designed for personal computer and server users from the American company Microsoft. Microsoft Windows fails to properly load DLL files, allowing attackers to exploit the vulnerability to build special files that can be tricked into parsing and...

7.3CVSS6.8AI score0.13526EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/07/07 12:0 a.m.32 views

Corel PDF Fusion <= 1.14 Arbitrary Code Execution Vulnerability - Windows

Corel PDF Fusion is prone to an arbitrary code execution vulnerability. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

4.6CVSS7.8AI score0.0707EPSS
Exploits1References2
CNVD
CNVD
added 2015/01/14 12:0 a.m.13 views

VideoStudio Pro X7 'u32ZLib.dll' DLL Loading Arbitrary Code Execution Vulnerability

VideoStudio Pro X7 is a video editing software. An arbitrary code execution vulnerability exists in VideoStudio Pro X7 'u32ZLib.dll' DLL loading due to VideoStudio Pro X7 failing to properly load the "u32ZLib.dll" file. This allows an attacker to construct a malicious DLL file to load arbitrary...

4.6CVSS7.8AI score0.0707EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2014/01/30 12:0 a.m.48 views

SAP GUI DLL Loading Arbitrary Code Execution (Note 1511179)

The remote host is running a version of SAP GUI that reportedly insecurely looks in its current working directory when resolving DLLs such as 'MFC80LOC.DLL' and 'MFC80RUS.DLL'. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid72211; scriptversion"1.4";...

6.9CVSS5.5AI score0.00356EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/04/04 12:0 a.m.34 views

Mozilla Thunderbird ESR 17.x < 17.0.5 Multiple Vulnerabilities

The installed version of Thunderbird ESR 17.x is earlier than 17.0.5 and is, therefore, potentially affected the following vulnerabilities: - Various memory safety issues exist. CVE-2013-0788 - An out-of-bounds memory read error exists related to 'CERTDecodeCertPackage' and certificate decoding...

10CVSS8.5AI score0.05213EPSS
Exploits0References14
Saint
Saint
added 2012/04/25 12:0 a.m.34 views

Microsoft Expression Design wintab32.dll Library Loading

Added: 04/25/2012 CVE: CVE-2012-0016 BID: 52375 OSVDB: 80001 Background Microsoft Expression Design is a commercial professional illustration vector and raster graphic design tool for web images. Problem Microsoft Expression Design contains a flaw in the way it loads dynamic-link libraries DLL. T...

9.3CVSS6.6AI score0.21892EPSS
Exploits5
Prion
Prion
added 2010/01/13 7:30 p.m.27 views

Code injection

The 3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to execute arbitrary code via unspecified vectors, related to a "DLL-loading vulnerability."...

10CVSS7.5AI score0.0905EPSS
Exploits0References12Affected Software2
CVE
CVE
added 2010/01/13 7:0 p.m.87 views

CVE-2009-3954

CVE-2009-3954 refers to a DLL-loading vulnerability in the 3D implementation of Adobe Reader/Acrobat. Affected products span Adobe Reader/Acrobat 9.x prior to 9.3 and 8.x prior to 8.2 on Windows and macOS. The root cause is a DLL-loading issue in the 3D component that could allow arbitrary code e...

10CVSS7.4AI score0.0905EPSS
Exploits0References12Affected Software1
Cvelist
Cvelist
added 2010/01/13 7:0 p.m.26 views

CVE-2009-3954

The 3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to execute arbitrary code via unspecified vectors, related to a "DLL-loading vulnerability."...

7.3AI score0.0905EPSS
Exploits0References12
Rows per page
Query Builder