924 matches found
CVE-2026-2998
ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a crafted DLL file in the same directory as the program, thereby executing arbitrary code...
CVE-2026-2998
The CVE-2026-2998 entry concerns the ERP product developed by eAI Technologies and describes a DLL Hijacking vulnerability. According to the provided documents, an authenticated local attacker can place a crafted DLL file in the same directory as the ERP executable, leading to arbitrary code exec...
eAI ERP 代码问题漏洞
eAI ERP is an enterprise resource management software developed by eAI Corporation. eAI ERP has code vulnerabilities, which stem from DLL hijacking. These vulnerabilities may allow authenticated local attackers to execute arbitrary code...
CVE-2026-26050
The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver.1.3.7 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges...
PT-2026-20923
Name of the Vulnerable Software and Affected Versions Splunk Enterprise for Windows versions prior to 10.2.0 Splunk Enterprise for Windows versions prior to 10.0.3 Splunk Enterprise for Windows versions prior to 9.4.8 Splunk Enterprise for Windows versions prior to 9.3.9 Splunk Enterprise for...
Splunk Enterprise 9.2.0 < 9.2.12, 9.3.0 < 9.3.9, 9.4.0 < 9.4.8, 10.0.0 < 10.0.3 (SVD-2026-0205)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0205 advisory. - In Splunk Enterprise for Windows versions below 10.2.0, 10.0.3, 9.4.8, 9.3.9, and 9.2.12, a lowprivileged Windows user who ca...
Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware
Notepad++ has released a security fix to plug gaps that were exploited by an advanced threat actor from China to hijack the software update mechanism to selectively deliver malware to targets of interest. The version 8.9.2 update incorporates what maintainer Don Ho calls a "double lock" design th...
CVE-2026-2516 Unidocs ezPDF DRM Reader/ezPDF Reader SHFOLDER.dll uncontrolled search path
A vulnerability was identified in Unidocs ezPDF DRM Reader and ezPDF Reader 2.0/3.0.0.4. This affects an unknown part in the library SHFOLDER.dll. Such manipulation leads to uncontrolled search path. The attack needs to be performed locally. Attacks of this nature are highly complex. It is...
CVE-2025-54519
A DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...
CVE-2025-54519
A DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...
PT-2026-7878
A DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...
CVE-2025-52541
A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...
CVE-2025-52541
CVE-2025-52541 is a DLL hijacking vulnerability in AMD/Vivado components. The Red Hat, NVD, CVE list and AMD bulletin describe a local attacker can exploit uncontrolled DLL search paths in the 2024.2 Vivado installation to achieve privilege escalation and potentially arbitrary code execution. The...
CVE-2025-52541
A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...
CVE-2025-48503
CVE-2025-48503 is described as a DLL hijacking vulnerability in the AMD Software Installer that could enable privilege escalation and potentially arbitrary code execution. The primary affected component is the AMD Software Installer (and related AMD graphics software) as noted in multiple feeds, ...
AMD Vivado 安全漏洞
AMD Vivado is a hardware development and integrated design environment provided by the American semiconductor company AMD. AMD Vivado has security vulnerabilities, which stem from DLL hijacking. These vulnerabilities may allow local attackers to gain elevated privileges, enabling them to execute...
CVE-2026-1763 Enervista UR Setup DLL Hijacking
Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and previous versions...
CVE-2026-25656
A vulnerability has been identified in SINEC NMS All versions V4.0 SP3, User Management Component UMC All versions V2.15.2.1. The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially...
PT-2026-5946
Name of the Vulnerable Software and Affected Versions Lexmark Embedded Solutions Framework affected versions not specified Description An untrusted search path issue exists in Lexmark devices, potentially allowing an attacker to execute arbitrary code. This flaw enables DLL hijacking without...
CVE-2026-24070
During the installation of the Native Access application, a privileged helper com.native-instruments.NativeAccess.Helper2, which is used by Native Access to trigger functions via XPC communication like copy-file, remove or set-permissions, is deployed as well. The communication with the XPC servi...