10 matches found
CVE-2026-58127
PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registered with ObjectURIs RemoteObj and UIRemoteObj, without any authentication requirement. By exploiting the MarshalByRefObject object unmarshalling technique and implementing .NET...
CVE-2026-58127
PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registered with ObjectURIs RemoteObj and UIRemoteObj, without any authentication requirement. By exploiting the MarshalByRefObject object unmarshalling technique and implementing .NET...
PT-2025-39996
Name of the Vulnerable Software and Affected Versions Acronis True Image Windows versions prior to build 42386 Description A local privilege escalation issue exists due to a DLL hijacking weakness. This allows an attacker to potentially gain elevated privileges on a system. Recommendations Update...
CVE-2025-10215
DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\Public\AppData\Local\UPDF\FREngine\Bin64' directory, which could lead to...
CVE-2025-10215
CVE-2025-10215 affects UPDF.exe for Windows 1.8.5.0. The issue is DLL search path hijacking: an attacker with local access can place a malicious FREngine.dll in C:\Users\Public\AppData\Local\UPDF\FREngine\Bin64\ and trigger arbitrary code execution (and persistence). Several connected sources con...
PT-2024-39387 · Lenovo · Lenovo Starstudio
Name of the Vulnerable Software and Affected Versions: Lenovo stARstudio affected versions not specified Description: A DLL hijack vulnerability was reported that could allow a local attacker to execute code with elevated privileges. Recommendations: At the moment, there is no information about a...
PT-2024-38050 · Okta · Okta Verify For Windows
Name of the Vulnerable Software and Affected Versions: Okta Verify for Windows versions prior to 5.0.2 Description: The issue concerns a privilege escalation vulnerability through DLL hijacking. The vulnerability is fixed in version 5.0.2. Recommendations: For versions prior to 5.0.2, upgrade to...
SUSE CVE-2019-4732
IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing ...
CVE-2021-42923
ShowMyPC 3606 on Windows suffers from a DLL hijack vulnerability. If an attacker overwrites the file %temp%\ShowMyPC-ShowMyPC3606\wodVPN.dll, it will run any malicious code contained in that file. The code will run with normal user privileges unless the user specifically runs ShowMyPC as...
Adobe Flash Player Insecure Library Loading (DLL Hijacking) Vulnerability
Adobe Flash Player is a cross-platform, browser-based multimedia player product from Adobe. The product supports cross-screen and browser viewing of applications, content and videos. A security vulnerability exists in Adobe Flash Player. An attacker could exploit this vulnerability to elevate...