CVE-2026-23755 D-Link D-View 8 Installer DLL Preloading via Uncontrolled Search Path

D-Link D-View 8 versions 2.0.1.107 and below contain an uncontrolled search path vulnerability in the installer. When executed with elevated privileges via UAC, the installer attempts to load version.dll from its execution directory, allowing DLL preloading. An attacker can supply a malicious...

D-Link D-View 8 code issues and vulnerabilities

D-Link D-View 8 is a comprehensive network management software developed by D-Link Corporation. Versions of D-Link D-View 8 2.0.1.107 and earlier contained a code vulnerability. This vulnerability stemmed from an uncontrolled search path within the installer, which could lead to DLL preloading an...

CVE-2025-58743

Use of a Broken or Risky Cryptographic Algorithm DES vulnerability in the Password class in C2SConnections.dll in Milner ImageDirector Capture on Windows allows Encryption Brute Forcing to obtain database credentials.This issue affects ImageDirector Capture: from 7.0.9.0 before 7.6.3.25808...

UBUNTU-CVE-2025-33231

NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. A successful exploit of this vulnerability might lead to code execution, escalation of...

CVE-2025-61973

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges...

CVE-2025-61973

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges...

CVE-2025-61973

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges...

PT-2026-3020

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges...

Epic Games Store security vulnerabilities

Epic Games Store is an online gaming platform operated by Epic Games, a company based in the United States. There is a security vulnerability in Epic Games Store, which stems from the ability for low-privilege users to replace DLL files during the installation process, potentially leading to an...

CVE-2020-36911 Covenant 0.5 - Remote Code Execution (RCE)

Covenant 0.1.3 - 0.5 contains a remote code execution vulnerability that allows attackers to craft malicious JWT tokens with administrative privileges. Attackers can generate forged tokens with admin roles and upload custom DLL payloads to execute arbitrary commands on the target system...

CVE-2020-36911

CVE-2020-36911 affects Covenant versions 0.1.3 through 0.5, described as a remote code execution vulnerability where an attacker can forge JWT tokens with administrative privileges and upload DLL payloads to execute arbitrary commands on the target system. The threat relies on forging tokens to g...

PT-2026-2356

Name of the Vulnerable Software and Affected Versions Covenant versions 0.1.3 through 0.5 Description The software contains a remote code execution issue that allows attackers to create malicious JWT tokens with administrative privileges. Attackers can generate forged tokens with admin roles and...

CVE-2025-69258

A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations...

CVE-2025-23309

NVIDIA Display Driver contains a vulnerability where an uncontrolled DLL loading path might lead to arbitrary denial of service, escalation of privileges, code execution, and data tampering...

CVE-2025-66715

Axtion ODISSAAS ODIS v1.8.4 is affected by a DLL hijacking vulnerability. The issue enables arbitrary code execution via a crafted DLL file, due to a hijacking flaw in the application’s DLL loading behavior. The most concrete remediation note in the provided connected document is to update ODISSA...

EUVD-2026-1684

A DLL hijacking vulnerability in Axtion ODISSAAS ODIS v1.8.4 allows attackers to execute arbitrary code via a crafted DLL file...

CVE-2025-69258

A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations...

CVE-2025-69258

A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations...

CVE-2026-21427

The installers for multiple products provided by PIONEER CORPORATION contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running installer...

CVE-2026-21427

The CVE-2026-21427 issue affects PIONEER CORPORATION installers, where DLL search path handling allows loading insecure libraries (Uncontrolled search path element, CWE-427). Impact: arbitrary code could run with the installer's privileges. Documented by multiple sources (NVD/Red Hat/JVN) as affe...