CVE-2025-10215

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\Public\AppData\Local\UPDF\FREngine\Bin64' directory, which could lead to...

CVE-2025-10213

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a dxtn.dll file of their choice in the 'C:\Users\AppData\Local\Microsoft\WindowsApps' directory, which could lead to arbitrary...

CVE-2025-10214 DLL search path hijacking vulnerability

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\AppData\Local\UPDF\FREngine\Bin64' directory, which could lead to arbitrary...

CVE-2025-10213 DLL search path hijacking vulnerability

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a dxtn.dll file of their choice in the 'C:\Users\AppData\Local\Microsoft\WindowsApps' directory, which could lead to arbitrary...

CVE-2025-40979 DLL search order hijack in Wave by Grandstream Networks

DLL search order hijacking vulnerability in the wave.exe executable for Windows 11, version 1.27.8. Exploitation of this vulnerability could allow attackers with local access to execute arbitrary code by placing an arbitrary file in the 'C:\Users\AppData\Local\Temp' directory, which could lead to...

PT-2025-37035

Name of the Vulnerable Software and Affected Versions: UPDF versions 1.8.5.0 Description: A DLL search path hijacking issue exists in the UPDF.exe executable for Windows. Attackers with local access can execute arbitrary code by placing a malicious FREngine.dll file in the...

UPDF 代码问题漏洞

UPDF is a multi-platform PDF editor from the Chinese company UPDF. A code issue vulnerability exists in UPDF version 1.8.5.0, which stems from DLL search path hijacking and could lead to the execution of arbitrary code...

PT-2025-37080

Name of the Vulnerable Software and Affected Versions: BenimPOS Masaustu versions 3.0.x Description: BenimPOS Masaustu application installation directory grants Everyone and BUILTINUsers groups FILE ALL ACCESS, allowing local users to replace or modify .exe and .dll files. This may lead to...

PT-2025-36904

Name of the Vulnerable Software and Affected Versions: Sunshine for Windows version v2025.122.141614 Description: Sunshine for Windows version v2025.122.141614 contains a DLL search-order hijacking vulnerability. This allows attackers to insert a malicious DLL into user-writable PATH directories...

Sunshine 安全漏洞

Sunshine is an open source self-service game streaming host for Moonlight by LizardByte. A security vulnerability exists in Sunshine version v2025.122.141614, which stems from DLL search order hijacking and could lead to the insertion of a malicious DLL...

CVE-2025-57777 Out Of Bounds Write in displ2.dll when parsing a DSB file with Digilent DASYLab

There is an out of bounds write vulnerability due to improper bounds checking in displ2.dll when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. Th...

Linux Distros Unpatched Vulnerability : CVE-2024-50986

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in Clementine v.1.3.1 allows a local attacker to execute arbitrary code via a crafted DLL file. CVE-2024-50986 Note that Nessus relies on the presence ...

Malicious Package

Overview colorinal is a malicious package. This package is part of a multi-stage attack and its content was removed from the official package manager. The attack utilizes a seemingly harmless package to introduce a malicious dependency. The goal of this attack is to gain remote code execution on...

CVE-2010-10015 AOL <= 9.5 Phobos.Playlist 'Import()' Stack-Based Buffer Overflow

AOL versions up to and including 9.5 includes an ActiveX control Phobos.dll that exposes a method called Import via the Phobos.Playlist COM object. This method is vulnerable to a stack-based buffer overflow when provided with an excessively long string argument. Exploitation allows remote attacke...

EulerOS 2.0 SP13 : glibc (EulerOS-SA-2025-1988)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of...

CVE-2025-30033

The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component...

New Ransomware Charon Uses Earth Baxia APT Techniques to Target Enterprises

We uncovered Charon, a new ransomware strainfamily that uses advanced APT-style techniques, including DLL sideloading, process injection, and anti-EDR capabilities, to target organizations with customized ransom demands...

PT-2025-32647 · Siemens · Automation License Manager V6.0 +134

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an...

BIT-LIBPYTHON-2020-8315

In Python CPython 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system's copy. Windows 8 and later are unaffected...

BIT-LIBPYTHON-2020-15523

In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4, and 3.9 through 3.9.0 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading after...