Lucene search
K

285 matches found

Cvelist
Cvelist
added 2025/12/09 3:50 p.m.31 views

CVE-2025-5470 Dylib Hijacking in Yandex Disk

Uncontrolled Search Path Element vulnerability in Yandex Disk on MacOS allows Search Order Hijacking.This issue affects Disk: before 3.2.45.3275...

8.8CVSS0.00148EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/26 12:0 a.m.5 views

MegaTec ClientMate 安全漏洞

MegaTec ClientMate is a power management software from Taiwan, China-based MegaTec. A security vulnerability exists in MegaTec ClientMate that stems from insecure permissions in the C:\usr directory, which could lead to configuration file replacement or DLL hijacking...

6.9CVSS6.7AI score0.00099EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/23 6:30 p.m.4 views

EUVD-2024-19528

A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

7.3CVSS7.3AI score0.00124EPSS
Exploits0References2
CVE
CVE
added 2025/11/23 4:26 p.m.8 views

CVE-2024-21922

CVE-2024-21922 describes a DLL hijacking vulnerability in AMD StoreMI that could lead to privilege escalation and arbitrary code execution. Affected product: AMD StoreMI; vulnerability class: DLL hijacking. CVSSv3.1 metrics indicate Local attack vector, Low access/privilege requirements, User int...

7.3CVSS7.5AI score0.00124EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/23 12:0 a.m.4 views

AMD StoreMI 安全漏洞

AMD StoreMI is an intelligent storage management technology developed by AMD that automatically optimizes data storage locations to improve system performance by combining the benefits of solid state drives SSDs and mechanical hard drives HDDs. AMD StoreMI suffers from a DLL hijacking vulnerabili...

7.3CVSS7.6AI score0.00124EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/23 12:0 a.m.3 views

PT-2025-47849

Name of the Vulnerable Software and Affected Versions AMD StoreMI™ affected versions not specified Description A DLL hijacking issue exists in AMD StoreMI™. Successful exploitation could allow an attacker to gain higher privileges, potentially leading to arbitrary code execution. Recommendations ...

7.3CVSS7AI score0.00124EPSS
Exploits0References8
OSV
OSV
added 2025/11/20 9:16 p.m.4 views

CVE-2025-63685

Quark Cloud Drive v3.23.2 has a DLL Hijacking vulnerability. This vulnerability stems from the insecure loading of system libraries. Specifically, the application does not validate the path or signature of regsvr32.exe it loads. An attacker can place a crafted malicious DLL in the application's...

9.8CVSS5.8AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/20 12:0 a.m.1 views

CVE-2025-63685

Quark Cloud Drive v3.23.2 has a DLL Hijacking vulnerability. This vulnerability stems from the insecure loading of system libraries. Specifically, the application does not validate the path or signature of regsvr32.exe it loads. An attacker can place a crafted malicious DLL in the application's...

6.5AI score0.00322EPSS
Exploits1References1
CVE
CVE
added 2025/11/11 8:20 p.m.13 views

CVE-2025-40827

Affected products and versions: Siemens Software Center (all versions < V3.5) and Solid Edge SE2025 (all versions

8.5CVSS7.3AI score0.00141EPSS
Exploits0References1
ICS
ICS
added 2025/11/11 12:0 a.m.6 views

Siemens Software Center and Solid Edge

SUMMARY Siemens Software Center and Solid Edge is affected by a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system. Siemens has released new versions for the affected products and recommends to update to the latest...

8.5CVSS7.7AI score0.00141EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/10/31 12:0 a.m.5 views

Trimble SketchUp Desktop 安全漏洞

Trimble SketchUp Desktop is a 3D modeling software from Trimble USA. A security vulnerability exists in Trimble SketchUp Desktop 2025, which stems from sketchupwebhelper.exe's use of a specially crafted libcef.dll, which could lead to a DLL hijacking attack...

7.8CVSS6.5AI score0.00143EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/10/31 12:0 a.m.10 views

CVE-2025-60749

DLL Hijacking vulnerability in Trimble SketchUp desktop 2025 via crafted libcef.dll used by sketchupwebhelper.exe...

0.00143EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/10/29 12:0 a.m.2 views

CVE-2025-61161

DLL hijacking vulnerability in Evope Collector 1.1.6.9.0 and related components load the wtsapi32.dll library from an uncontrolled search path C:\ProgramData\Evope. This allows local unprivileged attackers to execute arbitrary code or escalate privileges to SYSTEM by placing a crafted DLL in that...

7.3AI score0.00152EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/28 3:4 p.m.6 views

CVE-2025-9164

Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement.This issue affects Docker...

8.8CVSS7AI score0.00099EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.5 views

PT-2025-41961

Name of the Vulnerable Software and Affected Versions FortiClient versions 7.0 through 7.2.11 and 7.4.0 through 7.4.3 Description An uncontrolled search path element issue exists in FortiClient on Windows. A local, low-privileged user could potentially perform a DLL hijacking attack by placing a...

6.7CVSS6.6AI score0.00161EPSS
Exploits0References3
Securelist
Securelist
added 2025/10/06 8:0 a.m.3 views

How we trained an ML model to detect DLL hijacking

DLL hijacking is a common technique in which attackers replace a library called by a legitimate process with a malicious one. It is used by both creators of mass-impact malware, like stealers and banking Trojans, and by APT and cybercrime groups behind targeted attacks. In recent years, the numbe...

6.7AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-27534

Malicious code in bioql PyPI...

7CVSS6.6AI score0.0013EPSS
Exploits0References1
CVE
CVE
added 2025/09/30 2:52 p.m.19 views

CVE-2025-11178

CVE-2025-11178 is a local privilege escalation vulnerability in Acronis True Image for Windows before builds 42386 (standard), 42636 (Western Digital), and 42679 (SanDisk). The issue is caused by DLL hijacking, enabling an attacker with local access and low privileges to escalate privileges (impa...

7.3CVSS7.1AI score0.00163EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/09/30 2:52 p.m.3 views

CVE-2025-11178

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image Windows before build 42386, Acronis True Image for Western Digital Windows before build 42636, Acronis True Image for SanDisk Windows before build 42679...

7.3CVSS7.3AI score0.00163EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/27 12:49 a.m.7 views

CVE-2025-56383

Notepad++ v8.8.3 has a DLL hijacking vulnerability, which can replace the original DLL file to execute malicious code. NOTE: this is disputed by multiple parties because the behavior only occurs when a user installs the product into a directory tree that allows write access by arbitrary...

8.4CVSS7.3AI score0.00269EPSS
Exploits0References1
Rows per page
Query Builder