CVE-2021-34803

TeamViewer before 14.7.48644 on Windows loads untrusted DLLs in certain situations...

SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2020:14456-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14456-1 advisory. - By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This appli...

Installer of Overwolf may insecurely load Dynamic Link Libraries

Overview Overwolf is a software framework for creating applications for games. The Overwolf Installer contains an issue with the DLL search path CWE-427, which may lead to insecurely loading Dynamic Link Libraries stored in the same directory where the installer resides. Shogo kumamaru of LAC Co....

CVE-2021-3423

Uncontrolled Search Path Element vulnerability in the openssl component as used in Bitdefender GravityZone Business Security allows an attacker to load a third party DLL to elevate privileges. This issue affects Bitdefender GravityZone Business Security versions prior to 6.6.23.329...

CVE-2021-3423

CVE-2021-3423 describes an uncontrolled search path element issue in the OpenSSL usage within Bitdefender GravityZone Business Security that enables local privilege escalation by loading a third-party DLL. Affected versions are GravityZone Business Security prior to 6.6.23.329. The root cause is ...

CVE-2021-26807

GalaxyClient version 2.0.28.9 loads unsigned DLLs such as zlib1.dll, libgccsdw2-1.dll and libwinpthread-1.dll from PATH, which allows an attacker to potentially run code locally through unsigned DLL loading...

CVE-2021-26807

GalaxyClient version 2.0.28.9 loads unsigned DLLs such as zlib1.dll, libgccsdw2-1.dll and libwinpthread-1.dll from PATH, which allows an attacker to potentially run code locally through unsigned DLL loading...

CVE-2021-1386

A vulnerability in the dynamic link library DLL loading mechanism in Cisco Advanced Malware Protection AMP for Endpoints Windows Connector, ClamAV for Windows, and Immunet could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected Windows system. To exploit this...

Input validation

A vulnerability in the dynamic link library DLL loading mechanism in Cisco Advanced Malware Protection AMP for Endpoints Windows Connector, ClamAV for Windows, and Immunet could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected Windows system. To exploit this...

CVE-2020-6786

Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Recording Manager installer up to and including version 3.82.0055 for 3.82, up to and including version 3.81.0064 for 3.81 and 3.71 and older potentially allows an attacker to execute arbitrary code on a victim's system....

CVE-2020-6785

Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim's system. This affects both the installer as well as the installed application. This...

CVE-2020-6789

Loading a DLL through an Uncontrolled Search Path Element in the Bosch Monitor Wall installer up to and including version 10.00.0164 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same...

CVE-2020-6787

Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Client installer up to and including version 1.7.6.079 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same...

Code injection

Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim's system. This affects both the installer as well as the installed application. This...

Design/Logic Flaw

Loading a DLL through an Uncontrolled Search Path Element in Bosch IP Helper up to and including version 1.00.0008 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same application...

Code injection

Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Recording Manager installer up to and including version 3.82.0055 for 3.82, up to and including version 3.81.0064 for 3.81 and 3.71 and older potentially allows an attacker to execute arbitrary code on a victim's system....

Default configuration

Loading a DLL through an Uncontrolled Search Path Element in the Bosch Configuration Manager installer up to and including version 7.21.0078 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in...

Code injection

Loading a DLL through an Uncontrolled Search Path Element in the Bosch Monitor Wall installer up to and including version 10.00.0164 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same...

CVE-2020-6789 Uncontrolled Search Path Element in Bosch Monitor Wall Installer

Loading a DLL through an Uncontrolled Search Path Element in the Bosch Monitor Wall installer up to and including version 10.00.0164 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same...

CVE-2020-6789

CVE-2020-6789 concerns the Bosch Monitor Wall installer (versions up to 10.00.0164). The vulnerability arises from loading a DLL via an Uncontrolled Search Path Element, potentially allowing an attacker to execute arbitrary code on the victim’s system. A prerequisite is that the victim places a m...