99 matches found
CVE-2025-13665
The System Console Utility for Windows is vulnerable to a DLL planting vulnerability...
CVE-2025-13670
The High Level Synthesis Compiler i++ command for Windows is vulnerable to a DLL planting vulnerability...
CVE-2025-13670 High Level Synthesis Compiler Security Advisory
The High Level Synthesis Compiler i++ command for Windows is vulnerable to a DLL planting vulnerability...
CVE-2025-13665 Quartus Prime Standard Security Advisory
The System Console Utility for Windows is vulnerable to a DLL planting vulnerability...
CVE-2025-13665 Quartus Prime Standard Security Advisory
The System Console Utility for Windows is vulnerable to a DLL planting vulnerability...
CVE-2025-13665
Technical details about CVE-2025-13665 are not publicly provided in the supplied documents. Please monitor for updates from the vendor and security advisories.
EUVD-2022-53467
Malicious code in bioql PyPI...
CVE-2023-22947
Insecure folder permissions in the Windows installation path of Shibboleth Service Provider SP before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt rather than...
CVE-2022-32270
In Real Player 20.0.7.309 and 20.0.8.310, external::Import allows download of arbitrary file types and Directory Traversal, leading to Remote Code Execution. This occurs because it is possible to plant executables in the startup folder DLL planting could also occur...
CVE-2023-22947
Insecure folder permissions in the Windows installation path of Shibboleth Service Provider SP before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt rather than...
CVE-2023-22947
Insecure folder permissions in the Windows installation path of Shibboleth Service Provider SP before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt rather than...
Information disclosure
DISPUTED Insecure folder permissions in the Windows installation path of Shibboleth Service Provider SP before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt...
CVE-2023-22947
CVE-2023-22947 affects Shibboleth Service Provider (SP) on Windows prior to 3.4.1. The issue stems from insecure folder permissions in the Windows installation path (defaulting to C:\opt instead of C:\Program Files), enabling an unprivileged local attacker to escalate to SYSTEM via DLL planting i...
CVE-2023-22947
Insecure folder permissions in the Windows installation path of Shibboleth Service Provider SP before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt rather than...
CVE-2023-22947
Insecure folder permissions in the Windows installation path of Shibboleth Service Provider SP before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt rather than...
PT-2023-18789 · Unknown · Shibboleth Service Provider
Name of the Vulnerable Software and Affected Versions: Shibboleth Service Provider SP versions prior to 3.4.1 Description: The issue concerns insecure folder permissions in the Windows installation path of Shibboleth Service Provider SP. This allows an unprivileged local attacker to escalate...
CVE-2023-22947
Insecure folder permissions in the Windows installation path of Shibboleth Service Provider SP before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt rather than...
CVE-2022-31694
InstallBuilder Qt installers built with versions previous to 22.10 try to load DLLs from the installer binary parent directory when displaying popups. This may allow an attacker to plant a malicious DLL in the installer parent directory to allow executing code with the privileges of the installer...
Security Bulletin: IBM Cognos Express is affected by vulnerabilities in Installshield and InstallAnywhere
Summary IBM Cognos Express is affected by these vulnerabilities. InstallShield and InstallAnywhere generate installation executables which are vulnerable to DLL-planting vulnerability. Vulnerability Details CVEID: CVE-2016-2542 DESCRIPTION: Flexera InstallShield could allow a local attacker to ga...
CVE-2022-32270
In Real Player 20.0.7.309 and 20.0.8.310, external::Import allows download of arbitrary file types and Directory Traversal, leading to Remote Code Execution. This occurs because it is possible to plant executables in the startup folder DLL planting could also occur...