PT-2024-31825 · Vegabird · Vegabird Yaazhini

Name of the Vulnerable Software and Affected Versions: VegaBird Yaazhini version 2.0.2 Description: A DLL hijacking issue allows attackers to execute arbitrary code and maintain persistence by placing a crafted DLL file in the same directory as Yaazhini.exe. This enables them to potentially gain...

CVE-2022-3859

An uncontrolled search path vulnerability exists in Trellix Agent TA for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL ther...

CVE-2022-26319

An installer search patch element vulnerability in Trend Micro Portable Security 3.0 Pro, 3.0 and 2.0 could allow a local attacker to place an arbitrarily generated DLL file in an installer folder to elevate local privileges. Please note: an attacker must first obtain the ability to execute...

Vulnerability found in Adobe ColdFusion

A vulnerability has been found in Adobe ColdFusion. Due to an error in the permissions structure, a local malicious agent can place a specially prepared DLL file to execute arbitrary code under SYSTEM privileges. For more information, see the page below: https://www.kb.cert.org/vuls/id/125331 At...

CVE-2020-8810

An issue was discovered in Gurux GXDLMS Director through 8.5.1905.1301. When downloading OBIS codes, it does not verify that the downloaded files are actual OBIS codes and doesn't check for path traversal. This allows the attacker exploiting CVE-2020-8809 to send executable files and place them i...