CVE-2019-15295

An Untrusted Search Path vulnerability in the ServiceInstance.dll library versions 1.0.15.119 and lower, as used in Bitdefender Antivirus Free 2020 versions prior to 1.0.15.138, allows an attacker to load an arbitrary DLL file from the search path...

The vulnerability of VMware Workstation’s virtualization platform, related to errors during DLL file loading, allows attackers to escalate their privileges.

The vulnerability of VMware Workstation’s virtualization platform is related to errors during the loading of DLL files. Exploiting this vulnerability allows a malicious actor to gain increased privileges remotely...

EUVD-2018-8010

In PaperStream IP TWAIN 1.42.0.5685 Service Update 7, the FJTWSVIC service running with SYSTEM privilege processes unauthenticated messages received over the FjtwMkicFjicube32 named pipe. One of these message processing functions attempts to dynamically load the UninOldIS.dll library and executes...

CVE-2019-5676

CVE-2019-5676 affects NVIDIA Windows GPU Display Driver installer where DLLs are loaded without validating path or signature (binary planting). This local, pre-auth escalation could allow code execution if a malicious DLL is placed on the system. Documents identify affected drivers/updates, inclu...

HP Support Assistant < 8.7.50.3 DLL Loading Vulnerability

The version of HP Support Assistant installed on the remote Windows host is prior to 8.7.50.3. It is, therefore, affected by an unspecified DLL loading vulnerability. This can allow a local attacker to load and execute arbitrary code. C Tenable Network Security, Inc. include'compat.inc'; if...

JVN#69181574: Windows 7 may insecurely load Dynamic Link Libraries

In standard DLL files provided by Windows 7, there are some DLL files read from the same directory where the program resides when executing the program CWE-427. Microsoft states that the root cause of this vulnerability is "Application Directory App Dir DLL planting" , thus there is no plan to...

Description of the security update for the vulnerabilities in Windows Embedded POSReady 2009: February 12, 2019

Description of the security update for the vulnerabilities in Windows Embedded POSReady 2009: February 12, 2019 Notice This update was rereleased February 15, 2019 to address a known issue that occurred when you installed the original February 12, 2019 version of the update. Summary This security...

UNLHA32.DLL, UNARJ32.DLL, LHMelting and LMLzh32.DLL may insecurely load Dynamic Link Libraries

Overview UNLHA32.DLL, UNARJ32.DLL, LHMelting and LMLzh32.DLL provided by Micco contain vulnerabilities listed below. Self-Extracting Archives created by UNLHA32.DLL may insecurely load Dynamic Link Libraries CWE-427 - CVE-2018-16189 Insecurely load specific DLL file in the same directory CWE-427 ...

JVN#33677949: Installer of Mapping Tool may insecurely load Dynamic Link Libraries

Installer of Mapping Tool provided by Japan Atomic Energy Agency contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the latest...

Input validation

A vulnerability in the DLL loading component of Cisco Advanced Malware Protection AMP for Endpoints on Windows could allow an authenticated, local attacker to disable system scanning services or take other actions to prevent detection of unauthorized intrusions. To exploit this vulnerability, the...

CVE-2018-15452

A vulnerability in the DLL loading component of Cisco Advanced Malware Protection AMP for Endpoints on Windows could allow an authenticated, local attacker to disable system scanning services or take other actions to prevent detection of unauthorized intrusions. To exploit this vulnerability, the...

CVE-2018-15452

Cisco AMP for Endpoints on Windows is affected by CVE-2018-15452 in the DLL loading component (DLL preloading). A local, authenticated attacker with administrative credentials can exploit improper validation of resources loaded by a system process by placing a crafted DLL in a specific location, ...

CVE-2018-15452 Cisco Advanced Malware Protection for Endpoints on Windows DLL Preloading Vulnerability

A vulnerability in the DLL loading component of Cisco Advanced Malware Protection AMP for Endpoints on Windows could allow an authenticated, local attacker to disable system scanning services or take other actions to prevent detection of unauthorized intrusions. To exploit this vulnerability, the...

Adobe TCS Privilege Escalation Vulnerability (APSB18-38) - Windows

Adobe TCS is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:tcs";...

Ruby-ffi has a DLL loading issue

ruby-ffi version 1.9.23 and earlier has a DLL loading issue which can be hijacked on Windows OS, when a Symbol is used as DLL name instead of a String This vulnerability appears to have been fixed in v1.9.24 and later...

GHSA-2GW2-8Q9W-CW8P Ruby-ffi has a DLL loading issue

ruby-ffi version 1.9.23 and earlier has a DLL loading issue which can be hijacked on Windows OS, when a Symbol is used as DLL name instead of a String This vulnerability appears to have been fixed in v1.9.24 and later...

CVE-2018-14797

Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 allow a specially crafted DLL file to be placed in the search path and loaded as an internal and valid DLL, which may allow arbitrary code execution...

Microsoft Windows 10 - Diagnostics Hub Standard Collector Service Privilege Escalation

Microsoft Windows 10 - Diagnostics Hub Standard Collector Service Privilege Escalation SystemCollector PoC for Privilege Escalation in Windows 10 Diagnostics Hub Standard Collector Service Affected Products Windows 10 Windows Server Windows Server 2016 Visual Studio 2015 Update 3 Visual Studio 20...

The installers of multiple Logicool software programs may insecurely load Dynamic Link Libraries

Overview The installers of multiple software programs provided by Logicool Co. Ltd contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427 . Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinat...

Installer of Glary Utilities may insecurely load Dynamic Link Libraries

Overview Installer of Glary Utilities provided by Glarysoft Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Ear...