Cisco Jabber for Windows DLL Preloading Vulnerability

Cisco Jabber for Windows securely unifies status, instant messaging, video, voice, voice messaging, screen sharing, and conferencing capabilities into a single client that simplifies communications and increases productivity. A DLL preloading vulnerability exists in Cisco Jabber for Windows...

Adobe Animator suffers from dll hijacking vulnerability

Adobe Animator is a 2D vector animation creation software. Adobe Animator has a dll hijacking vulnerability when processing xfl project files, which can be exploited by attackers to load a malicious dll and execute malicious code...

Adobe After Effects has a dll hijacking vulnerability

Adobe After Effects abbreviation "AE" is a graphic video processing software launched by Adobe. Adobe After Effects has a dll hijacking vulnerability when processing aep project files, which can be exploited by attackers to load a malicious dll and execute malicious code...

CVE-2018-16156

In PaperStream IP TWAIN 1.42.0.5685 Service Update 7, the FJTWSVIC service running with SYSTEM privilege processes unauthenticated messages received over the FjtwMkicFjicube32 named pipe. One of these message processing functions attempts to dynamically load the UninOldIS.dll library and executes...

XG5000 suffers from dll hijacking vulnerability

XG5000 is a software for programming and debugging XGT/XGB series PLCs. XG5000 suffers from a dll hijacking vulnerability that can be exploited by attackers to execute malicious code...

xp-builder suffers from dll hijacking vulnerability

xp-builder is an XGT HMI editing software. xp-builder suffers from a dll hijacking vulnerability that can be exploited by attackers to execute malicious code...

DLL Hijacking Vulnerability in Display Control Remote HMI

Shenzhen Xianzhong Technology is a national high-tech enterprise specializing in the research and development, production, sales and service of Industry 4.0 core products. There is a dll hijacking vulnerability in Remote HMI. Attackers can construct a malicious application placed in a specific...

Kingsoft pdf pc client software has a command execution vulnerability

Kingsoft PDF is by Kingsoft Office Software Limited out of a PDF file format for reading and processing tools. Kingsoft pdf pc client software there are command execution vulnerabilities, the software PC client can allow an attacker to inject executable DLL files in the client process, the...

Tencent TIM pc client software suffers from a command execution vulnerability

TIM, QQ Office Simple Edition, is a cross-platform communication tool that focuses on teamwork. Tencent TIM pc client software has a command execution vulnerability, the software PC client can allow an attacker to inject executable DLL files into the client process to execute arbitrary functions...

dll hijacking vulnerability exists in state god dwmapi

Nanjing New Dixon Software Technology Co., Ltd. is a company mainly engaged in computer software and hardware technology development, sales, installation, technical consulting, technical services; computer system integration; network engineering and other projects. There is a dll hijacking...

Hopscotch MagicWorks HMI wintab32 suffers from dll hijacking vulnerability

Shenzhen Hexin Automation Technology Co., Ltd. is a company that mainly deals with items such as PLC, HMI, servo, special control system, remote I/O and field network products. Hopsin MagicWorks HMI wintab32 has a dll hijacking vulnerability that can be exploited by attackers to execute malicious...

CVE-2019-5913

Untrusted search path vulnerability in the installer of LHMelting LHMelting for Win32 Ver 1.65.3.6 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

CVE-2019-3587

DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection MTP Prior to 16.0.18 allows local users to execute arbitrary code via execution from a compromised folder...

Sublime Text 3 v3.1.1 build 3176 suffers from DLL hijacking vulnerability

Sublime Text is a cross-platform, extensible text editor for code, markup, and more. A DLL hijacking vulnerability exists in Sublime Text 3 v3.1.1 build 3176. An attacker can exploit this vulnerability to elevate privileges...

CVE-2018-20211

ExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\par-%username%\cache-exiftool-8.32 folder with a victim's username, and then copying a Trojan horse ws3232.dll file into this new folder, aka DLL Hijacking. NOTE: 8.32 is an obsolete version from 2010 9.x was released starti...

CVE-2018-5202

SKCertService 2.5.5 and earlier contains a vulnerability that could allow remote attacker to execute arbitrary code. This vulnerability exists due to the way .dll files are loaded by SKCertService. It allows an attacker to load a .dll of the attacker's choosing that could execute arbitrary code...

The installer of Windows10 Fall Creators Update Modify module for Security Measures tool may insecurely load Dynamic Link Libraries

Overview The installer of Windows10 Fall Creators Update Modify module for Security Measures tool provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Tomohisa Hasegawa of Canon...

CVE-2018-15976

Adobe Technical Communications Suite versions 1.0.5.1 and below have an insecure library loading dll hijacking vulnerability. Successful exploitation could lead to privilege escalation...

CVE-2018-12449

The Whale browser installer 0.4.3.0 and earlier versions allows DLL hijacking...

Adobe Technical Communications Suite DLL Load Local Elevation of Privilege Vulnerability

Adobe Technical Communications Suite is a set of information management suite from the American company Audobee Adobe. The product supports users to create, manage and publish technical documents, books and other content. A DLL load local elevation of privilege vulnerability exists in Adobe...