EUVD-2017-3886

Malware in sbrugna...

EUVD-2017-7874

Malware in sbrugna...

CVE-2019-6692

A malicious DLL preload vulnerability in Fortinet FortiClient for Windows 6.2.0 and below allows a privileged attacker to perform arbitrary code execution via forging that DLL...

CVE-2024-32857

Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege...

CVE-2021-31847

Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as the system user,...

CVE-2019-6692

A malicious DLL preload vulnerability in Fortinet FortiClient for Windows 6.2.0 and below allows a privileged attacker to perform arbitrary code execution via forging that DLL...

CVE-2019-6692

A malicious DLL preload vulnerability in Fortinet FortiClient for Windows 6.2.0 and below allows a privileged attacker to perform arbitrary code execution via forging that DLL...

Design/Logic Flaw

A malicious DLL preload vulnerability in Fortinet FortiClient for Windows 6.2.0 and below allows a privileged attacker to perform arbitrary code execution via forging that DLL...

CVE-2019-6692

A malicious DLL preload vulnerability in Fortinet FortiClient for Windows 6.2.0 and below allows a privileged attacker to perform arbitrary code execution via forging that DLL...

Cisco Advanced Malware Protection for Endpoints DLL Preload Vulnerability

Cisco Advanced Malware Protection AMP for Endpoints for Windows is a Windows-based endpoint security solution from Cisco. The product mainly has advanced threat prevention, monitoring and response features. A security vulnerability exists in the DLL loading component of Cisco AMP for Endpoints fo...

Code injection

A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. It is possible that SAPSetup / NwSapSetup.exe loads system DLLs like DWMAPI.dll located in your Syswow64 / System32 folder from the folder the executable is in a...

CVE-2017-16690

A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. It is possible that SAPSetup / NwSapSetup.exe loads system DLLs like DWMAPI.dll located in your Syswow64 / System32 folder from the folder the executable is in a...

CVE-2017-16690

CVE-2017-16690 describes a DLL preloading vulnerability in SAP Plant Connectivity (NwSapSetup/SAPSetup) where DLLs (e.g., DWMAPI.dll) may be loaded from the executable’s folder rather than system folders. Root cause: the loader uses the local folder before system directories, enabling code execut...

CVE-2017-16690

A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. It is possible that SAPSetup / NwSapSetup.exe loads system DLLs like DWMAPI.dll located in your Syswow64 / System32 folder from the folder the executable is in a...

Input validation

An untrusted search path aka DLL Preload vulnerability in the Cisco Network Academy Packet Tracer software could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes the installer in the current working director...

CVE-2017-12313

CVE-2017-12313 affects Cisco Network Academy Packet Tracer. The issue is an untrusted search path (DLL Preload) vulnerability caused by insufficient input validation of DLL paths/filenames before loading. A local, authenticated user with administrative privileges could place a crafted DLL in a ta...

CVE-2017-12313

An untrusted search path aka DLL Preload vulnerability in the Cisco Network Academy Packet Tracer software could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes the installer in the current working director...