Mcafee McAfee Drive Encryption 代码问题漏洞

Mcafee McAfee Drive Encryption is a full-disk encryption software from Mcafee that helps protect data on Microsoft Windows tablets, laptops, and desktop PCs from sensitive data loss, especially from lost or stolen devices. mcafee Drive Encryption MDE version 7.3.0 HF2 7.3.0.183 prior to this...

Delta Electronics DiaLink 代码问题漏洞

DIALink is an equipment networking platform from Delta Electronics that effectively manages CNC machines and PLC-controlled machines, collects on-site equipment data and connects it to the upper management platform through a unified interface, and at the same time provides visual information...

AUVESY Versiondog 代码问题漏洞

AUVESY Versiondog is an automated production data and change management software solution from the German company AUVESY. AUVESY Versiondog has a code issue vulnerability that could be exploited by an attacker to hijack a loaded DLL...

Exploit for Path Traversal in Microsoft

This repository is an exploit module for CVE-2021-40444, a remote code execution vulnerability in Microsoft Office Word. The repository contains a Python script exploit.py that generates a malicious docx document, a Windows DLL calc.dll that pops a calc.exe when executed, and a server script...

CVE-2021-36297

SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing...

PT-2021-19548 · Mcafee · Mcafee Agent For Windows

Name of the Vulnerable Software and Affected Versions: McAfee Agent for Windows versions prior to 5.7.4 Description: The issue is related to improper access control in the repair process, allowing a local attacker to perform a DLL preloading attack using unsigned DLLs. This results in elevation o...

PT-2021-19543 · Mcafee · Mcafee Agent For Windows

Name of the Vulnerable Software and Affected Versions: McAfee Agent for Windows versions prior to 5.7.4 Description: A DLL sideloading issue could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location. This would result in the...

Autodesk FBX Review 缓冲区错误漏洞

Autodesk FBX Review, a lightweight standalone tool for viewing 3D assets and animations, is vulnerable to an out-of-bounds read/write vulnerability in Autodesk FBX Review version 1.4.0. An attacker could exploit the vulnerability via a specially crafted DLL file to achieve remote code execution o...

CVE-2021-36216

LINE for Windows 6.2.1.2289 and before allows arbitrary code execution via malicious DLL injection...

Sony Audio USB Driver 代码问题漏洞

SONY Sony Audio USB Driver is a Sony USB driver from Sony Japan. A code issue vulnerability exists in Sony Audio USB Driver. The vulnerability stems from the installer for multiple Sony products containing a DLL search path issue, which could lead to unsafe loading of dynamic link libraries...

CVE-2021-3633

A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation...

TIETEN Acronis Cyber Protect代码问题漏洞

TIETEN Acronis Cyber Protect is an application from TIETEN Acronis Cyber Protect TIETEN, China. provides the ability to unify your network protection by integrating backup, disaster recovery, AI-based malware protection, remote assistance, and security into a single, reliable tool. A security...

CVE-2021-38571

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows DLL hijacking, aka CNVD-C-2021-68000 and CNVD-C-2021-68502...

CVE-2021-32580

Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to DLL hijacking...

AgileBits 1Password 代码问题漏洞

Agilebits AgileBits 1Password is a cross-platform account and password management tool from AgileBits Canada. A security vulnerability exists in 1Password version 7.3.712, which can be exploited by an attacker to execute arbitrary code via a DLL injection vulnerability in 1password.dll...

CVE-2021-25698

The OpenSSL component of the Teradici PCoIP Standard Agent prior to version 21.07.0 was compiled without the no-autoload-config option, which allowed an attacker to elevate to the privileges of the running process via placing a specially crafted dll in a build configuration directory...

PowerSploit

This is an offensive tool for Windows PowerShell exploitation. It is a collection of PowerShell modules, specifically PowerSploit, which provides various functions for code execution, DLL injection, and antivirus bypass. The tool is designed to be used by penetration testers and red teamers to te...

VMware Thinapp 代码问题漏洞

VMware Thinapp is a suite of application virtualization and portable application creators from Vmware USA that packages regular applications to make them portable. VMware Thinapp A code issue vulnerability exists that stems from VMware Thinapp versions prior to 5.2.10 contain a DLL hijacking...

iOS Malicious Bit Hunter - A Malicious Plug-In Detection Eng ine For iOS Applications

iOS Malicious Bit Hunter is a malicious plug-in detection engine for iOS applications. It can analyze the head of the macho file of the injected dylib dynamic library based on runtime, and can perform behavior analysis through interface input characteristics to determine the behavior of the dynam...

CVE-2021-31840

A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows prior to 5.7.3 could allow an authenticated, local attacker to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need to have valid...