622 matches found
CVE-2013-3942
Potplayer prior to 1.5.39659: DLL Loading Arbitrary Code Execution Vulnerability...
CVE-2019-15295
An Untrusted Search Path vulnerability in the ServiceInstance.dll library versions 1.0.15.119 and lower, as used in Bitdefender Antivirus Free 2020 versions prior to 1.0.15.138, allows an attacker to load an arbitrary DLL file from the search path...
CVE-2019-14684
A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service's process. This process is very similar, yet not identical to CVE-2019-14687...
CVE-2009-3792
Directory traversal vulnerability in Adobe Flash Media Server FMS before 3.5.3 allows attackers to load arbitrary DLL files via unspecified vectors...
CVE-2024-9157
UNSUPPORTED WHEN ASSIGNED A privilege escalation vulnerability in CxUIUSvc64.exe and CxUIUSvc32.exe of Synaptics audio drivers allows a local authorized attacker to load a DLL in a privileged process. Out of an abundance of caution, this CVE ID is being assigned to better serve our customers and...
CVE-2024-9157
Technical details about CVE-2024-9157 are not present in the provided documents. No affected products, impact, or remediation are specified here. Monitor for updates from the referenced sources.
Synaptics: CVE-2024-9157 Synaptics Service Binaries DLL Loading Vulnerability
...
CVE-2019-19166
Tobesoft XPlatform v9.1, 9.2.0, 9.2.1 and 9.2.2 have a vulnerability that can load unauthorized DLL files. It allows attacker to cause remote code execution...
CVE-2020-7346
Privilege Escalation vulnerability in McAfee Data Loss Prevention DLP for Windows prior to 11.6.100 allows a local, low privileged, attacker through the use of junctions to cause the product to load DLLs of the attacker's choosing. This requires the creation and removal of junctions by the attack...
BIT-PYTHON-MIN-2020-8315
In Python CPython 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system's copy. Windows 8 and later are unaffected...
Mitsubishi Electric MC Works64和Mitsubishi Electric GENESIS64 代码问题漏洞
Mitsubishi Electric MC Works64 and Mitsubishi Electric GENESIS64 are both products of Mitsubishi Electric Corporation Mitsubishi Electric, Japan.The Mitsubishi Electric MC Works64 is a data acquisition and monitoring system SCADA. Mitsubishi Electric GENESIS64 is a SCADA kit. Mitsubishi Electric ...
The vulnerability of Dream Report and AVEVA Reports for Operations, which are used for generating production reports and analytics, stems from errors in processing the relative path to the catalog. This allows an attacker to execute arbitrary code.
The vulnerability of Dream Report and AVEVA Reports for Operations, which are used for generating production reports and analytics, is related to errors in processing the relative path to the catalog. Exploiting this vulnerability could allow an attacker to execute arbitrary code by loading a...
RSA Security SecureID Software Token for Microsoft Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of RSA Security SecureID Software Token for Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists within t...
The vulnerability of the “-Oallow-remote-pkcs11” configuration in the ssh-agent service of OpenSSH for Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the -Oallow-remote-pkcs11 configuration in the ssh-agent service of OpenSSH for Windows is related to improper external management of file names or paths. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading a malicious DLL library...
CVE-2024-40721 CHANGING Information Technology TCBServiSign Windows Version - Improper Input Validation
The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can cause the TCBServiSign to load a DLL from an arbitrary path...
CVE-2024-34123 Adobe Premiere Pro arbitrary DLL loading lead to remote code execution
Premiere Pro versions 23.6.5, 24.4.1 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious file into the search path, which the application might execute instead of the...
CVE-2024-34123 Adobe Premiere Pro arbitrary DLL loading lead to remote code execution
Premiere Pro versions 23.6.5, 24.4.1 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious file into the search path, which the application might execute instead of the...
CVE-2021-22280
Improper DLL loading algorithms in B&R Automation Studio versions =4.0 and 4.12 may allow an authenticated local attacker to execute code in the context of the product...
CVE-2021-22280 DLL Hijacking Vulnerability in Automation Studio
Improper DLL loading algorithms in B&R Automation Studio versions =4.0 and 4.12 may allow an authenticated local attacker to execute code in the context of the product...
CVE-2021-22280
CVE-2021-22280 крат: B&R Automation Studio versions 4.0–4.11 suffer from improper DLL loading, enabling an authenticated local attacker to execute code in the product context. The issue is confirmed across multiple sources (PT-2024-10875, Red Hat/NVD records). Impact is local code execution with ...