Notepad++ Plugin Persistence

This Metasploit module create persistence by adding a malicious plugin to Notepad++, as it blindly loads and executes DLL from its plugin directory on startup, meaning that the payload will be executed every time Notepad++ is launched...

EUVD-2024-19528

A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

CVE-2024-21922

A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

CVE-2024-21922

CVE-2024-21922 describes a DLL hijacking vulnerability in AMD StoreMI that could lead to privilege escalation and arbitrary code execution. Affected product: AMD StoreMI; vulnerability class: DLL hijacking. CVSSv3.1 metrics indicate Local attack vector, Low access/privilege requirements, User int...

PT-2025-47849

Name of the Vulnerable Software and Affected Versions AMD StoreMI™ affected versions not specified Description A DLL hijacking issue exists in AMD StoreMI™. Successful exploitation could allow an attacker to gain higher privileges, potentially leading to arbitrary code execution. Recommendations ...

AMD StoreMI 安全漏洞

AMD StoreMI is an intelligent storage management technology developed by AMD that automatically optimizes data storage locations to improve system performance by combining the benefits of solid state drives SSDs and mechanical hard drives HDDs. AMD StoreMI suffers from a DLL hijacking vulnerabili...

CVE-2025-63685

Quark Cloud Drive v3.23.2 has a DLL Hijacking vulnerability. This vulnerability stems from the insecure loading of system libraries. Specifically, the application does not validate the path or signature of regsvr32.exe it loads. An attacker can place a crafted malicious DLL in the application's...

CVE-2025-63685

Quark Cloud Drive v3.23.2 has a DLL Hijacking vulnerability. This vulnerability stems from the insecure loading of system libraries. Specifically, the application does not validate the path or signature of regsvr32.exe it loads. An attacker can place a crafted malicious DLL in the application's...

EUVD-2025-198124

When the service of ABP and AES is installed in a directory writable by non-administrative users, an attacker can replace or plant a DLL with the same name as one loaded by the service. Upon service restart, the malicious DLL is loaded and executed under the LocalSystem account, resulting in...

EUVD-2025-198129

DLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX All Verisons allows a attacker to manipulate the PC environment to cause unintended operations on the user's device...

CVE-2025-12852

DLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX All Verisons allows a attacker to manipulate the PC environment to cause unintended operations on the user's device...

CVE-2025-12852

DLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX All Verisons allows a attacker to manipulate the PC environment to cause unintended operations on the user's device...

NEC RakurakuMusen Start EX 安全漏洞

NEC RakurakuMusen Start EX is a wireless network connectivity software from Japan Electric NEC. A security vulnerability exists in NEC RakurakuMusen Start EX that stems from a DLL loading issue that could allow an attacker to manipulate the PC environment to perform unexpected actions...

EUVD-2025-197931

Uncontrolled Search Path Element Vulnerability in Setting and Operation Application for Lighting Control System MILCO.S Setting Application all versions, MILCO.S Setting Application IR all versions, MILCO.S Easy Setting Application IR all versions, and MILCO.S Easy Switch Application IR all...

MAL-2025-191814 Malicious code in perfviewer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ea912a2de677fa6d9ea6dbf9a792dace4d927efd46a5cb615ba8548fec4930e8 During installation, code downloads and starts an executable and a DLL library. After starting them, files are removed from the disk. The executable has been...

Advantech TP-3250 安全漏洞

Advantech TP-3250 is a printer from Advantech, China. The Advantech TP-3250 suffers from a denial of service vulnerability due to a heap corruption flaw in DrvUIx64Advantech.dll when DocumentPropertiesW is called with a valid dmDriverExtra but outputs a buffer. An attacker can exploit this...

CVE-2025-40827

Affected products and versions: Siemens Software Center (all versions < V3.5) and Solid Edge SE2025 (all versions

Siemens Software Center and Solid Edge

SUMMARY Siemens Software Center and Solid Edge is affected by a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system. Siemens has released new versions for the affected products and recommends to update to the latest...

CVE-2025-60749

DLL Hijacking vulnerability in Trimble SketchUp desktop 2025 via crafted libcef.dll used by sketchupwebhelper.exe...

Trimble SketchUp Desktop 安全漏洞

Trimble SketchUp Desktop is a 3D modeling software from Trimble USA. A security vulnerability exists in Trimble SketchUp Desktop 2025, which stems from sketchupwebhelper.exe's use of a specially crafted libcef.dll, which could lead to a DLL hijacking attack...