dll hijacking vulnerability in Yisetron Data Security Guard

Yisetong Data Security Guard is a security product that specializes in preventing your private data assets from being illegally stolen or used by others in the process of sharing and storing. A dll hijacking vulnerability exists in Yisetone Data Safeguard. The vulnerability is due to an unsafe...

Hitachi HIBUN Confidential File Viewer Installer Untrusted Search Path Vulnerability

Hitachi HIBUN Confidential File Viewer is a set of confidential file viewers from Hitachi Solutions Japan. install is one of the installation programs. An untrusted search path vulnerability exists in the installer in versions of Hitachi HIBUN Confidential File Viewer prior to 11.20.0001. The...

Zhejiang Dahua Playback Library SDK (win32) suffers from an out-of-bounds access vulnerability

Hikvision playback library SDK programming is a Hikvision embedded network DVRs, video servers, equipment related to the playback of the supporting products of the secondary development kit. An out-of-bounds access vulnerability exists in dhplay.dll of the playback library SDK provided by Zhejian...

CVE-2017-13676

Norton Remove & Reinstall can be susceptible to a DLL preloading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a...

CVE-2017-9961

A vulnerability exists in Schneider Electric's Pro-Face GP Pro EX version 4.07.000 that allows an attacker to execute arbitrary code. Malicious code installation requires an access to the computer. By placing a specific DLL/OCX file, an attacker is able to force the process to load arbitrary DLL...

DLL Hijacking Vulnerability in Hikvision's Fluorite Studio PC Client

Fluorite Studio is the companion client software for the Fluorite Cloud Video webcam, a PC client based on video applications. A DLL hijacking vulnerability exists in Hikvision's Firefly Studio PC client, which can be exploited by an attacker to execute arbitrary code on the target system by usin...

CVE-2017-10859

Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 JST allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

CVE-2017-5147

An Uncontrolled Search Path Element issue was discovered in AzeoTech DAQFactory versions prior to 17.1. An uncontrolled search path element vulnerability has been identified, which may execute malicious DLL files that have been placed within the search path...

i-SENS SmartLog Diabetes Management Software Code Execution Vulnerability

SmartLog Diabetes Management Software is software used to track and monitor an individual's blood glucose levels by connecting a glucose meter to a computer via USB. A code execution vulnerability exists in i-SENS SmartLog Diabetes Management Software, which allows an attacker to execute arbitrar...

The CRCA User's Software Untrusted Search Path Vulnerability

The CRCA user's Software is a business registration electronic authentication software from the Ministry of Justice in Japan. An untrusted search path vulnerability exists in The CRCA user's Software version 1.8. The vulnerability can be exploited by a remote attacker to gain privileges via a...

CVE-2017-11158

Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse 1 shfolder.dll, 2 ntmarta.dll, 3 secur32.dll or 4 dwmapi.dll file in th...

Fuji Xerox ContentsBridge Utility for Windows Installer Search Path Handling Elevation of Privilege Vulnerability

Fuji Xerox ContentsBridge Utility for Windows is a document printing utility for Windows-based platforms. Fuji Xerox ContentsBridge Utility for Windows handles search paths due to a security vulnerability that allows remote attackers to exploit the vulnerability by submitting a specially crafted...

Multiple Fuji Xerox Products Installer Untrusted Search Path Vulnerability

Fuji Xerox DocuCentre-VI and ApeosPort-VI are PCL print drivers for digital laminators. An untrusted search path vulnerability exists in the installer for multiple Fuji Xerox products. Allows an attacker to gain privileges by being in an unknown Trojan DLL directory...

AzeoTech DAQFactory Uncontrolled Search Path Element Vulnerability

AzeoTech DAQFactory is an HMI/SCADA software. AzeoTech DAQFactory suffers from an uncontrolled search path element vulnerability that can be exploited by an attacker to execute a malicious DLL file that has been placed in the search path...

Installer and self-extracting archive containing the installer of "Security Setup Tool" may insecurely load Dynamic Link Libraries

Overview The installer and the self-extracting archive containing the installer of "Security Setup Tool" provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of...

Shin Kinkyuji Houkoku Data Nyuryoku Program Untrustworthy Search Path Vulnerability

Shin Kinkyuji Houkoku Data Nyuryoku Program is a data entry program for basic statistical reports for the petroleum industry from the Agency for Natural Resources and Energy of Ministry, Trade and Industry METI in Japan. Installer is one of the installation programs. An untrusted search path...

Installer of Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program may insecurely load Dynamic Link Libraries

Overview Installer of Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program provided by Agency for Natural Resources and Energy of METI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this...

CVE-2017-9648

An Uncontrolled Search Path Element issue was discovered in Solar Controls WATTConfig M Software Version 2.5.10.1 and prior. An uncontrolled search path element has been identified, which could allow an attacker to execute arbitrary code on a target system using a malicious DLL file...

360 Compressor has an override access vulnerability

360 Compress is a free decompression software from 360. An over-the-horizon access vulnerability exists in 360 Zip. The vulnerability is due to 360zipc.dll writing data to a NULL address, allowing an attacker to exploit the vulnerability to execute code...

CVE-2017-12480

Sandboxie installer 5071703 has a DLL Hijacking or Unsafe DLL Loading Vulnerability via a Trojan horse dwmapi.dll or profapi.dll file in an AppData\Local\Temp directory...