Lucene search
K

1215 matches found

Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.4 views

PT-2025-50346

Name of the Vulnerable Software and Affected Versions MailEnable versions prior to 10.54 Description MailEnable versions prior to 10.54 have an issue where the software loads DLLs in an insecure manner, potentially allowing a local attacker to execute arbitrary code. Specifically, the MailEnable...

8.5CVSS7AI score0.00147EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.3 views

MailEnable 代码问题漏洞

MailEnable is a Windows-based business e-mail server from MailEnable Australia. MailEnable suffers from a MailEnable Insecure DLL Load vulnerability that can be exploited by an attacker to cause local arbitrary code execution...

8.5CVSS6.1AI score0.00147EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.4 views

MailEnable 代码问题漏洞

MailEnable is a Windows-based business e-mail server from MailEnable Australia. MailEnable suffers from an insecure DLL loading vulnerability that can be exploited by an attacker to cause local arbitrary code execution...

8.5CVSS6.1AI score0.00141EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.6 views

PT-2025-50347

Name of the Vulnerable Software and Affected Versions MailEnable versions prior to 10.54 Description MailEnable versions prior to 10.54 have an unsafe DLL loading issue that could allow a local attacker to execute arbitrary code. The MailEnable administrative executable loads MEAIAU.DLL from the...

8.5CVSS6.9AI score0.00144EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.2 views

MailEnable 代码问题漏洞

MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a code issue vulnerability that stems from an insecure DLL loading mechanism that can be exploited by an attacker to...

8.5CVSS7.5AI score0.00158EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.5 views

PT-2025-50235

Name of the Vulnerable Software and Affected Versions COMMAX UMS Client ActiveX Control version 1.7.0.2 Description The COMMAX UMS Client ActiveX Control contains a heap-based buffer overflow issue. An attacker can execute arbitrary code by supplying overly long string arrays through multiple...

8.7CVSS8AI score0.00447EPSS
Exploits0References7
Trend Micro Simply Security
Trend Micro Simply Security
added 2025/12/03 12:0 a.m.4 views

ValleyRAT Campaign Targets Job Seekers, Abuses Foxit PDF Reader for DLL Side-loading

Job seekers looking out for opportunities might instead find their personal devices compromised, as a ValleyRAT campaign propagated through email leverages Foxit PDF Reader for concealment and DLL side-loading for initial entry...

7AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2025/12/03 12:0 a.m.3 views

PureRAT Campaign Targets Job Seekers, Abuses Foxit PDF Reader for DLL Side-loading

Job seekers looking out for opportunities might instead find their personal devices compromised, as a PureRAT campaign propagated through email leverages Foxit PDF Reader for concealment and DLL side-loading for initial entry...

7AI score
Exploits0
NVD
NVD
added 2025/12/01 7:15 p.m.4 views

CVE-2025-11772

A carefully crafted DLL, copied to C:\ProgramData\Synaptics folder, allows a local user to execute arbitrary code with elevated privileges during driver installation...

6.6CVSS0.00145EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/01 12:22 a.m.6 views

CVE-2025-64772

The installer of INZONE Hub 1.0.10.3 to 1.0.17.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer...

8.4CVSS0.00183EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/01 12:0 a.m.3 views

Synaptics Fingerprint Driver 安全漏洞

Synaptics Fingerprint Driver is a regional touch and swipe fingerprint driver from Synaptics, Inc. A security vulnerability exists in Synaptics Fingerprint Driver that originates from a specially crafted DLL file that can be exploited by a local user, potentially resulting in elevated privileges...

6.6CVSS6.6AI score0.00145EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/25 7:20 a.m.4 views

CVE-2025-59485

Incorrect default permissions issue exists in Security Point Windows of MaLion prior to Ver.5.3.4. If this vulnerability is exploited, an arbitrary file could be placed in the specific folder by a user who can log in to the system where the product's Windows client is installed. If the file is a...

4.8CVSS4.7AI score0.00096EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/25 12:17 a.m.12 views

CVE-2025-63685

Quark Cloud Drive v3.23.2 has a DLL Hijacking vulnerability. This vulnerability stems from the insecure loading of system libraries. Specifically, the application does not validate the path or signature of regsvr32.exe it loads. An attacker can place a crafted malicious DLL in the application's...

9.8CVSS6.9AI score0.00322EPSS
Exploits1References1
Metasploit
Metasploit
added 2025/11/22 6:58 p.m.259 views

Notepad++ Plugin Persistence

This module create persistence by adding a malicious plugin to Notepad++, as it blindly loads and executes DLL from its plugin directory on startup, meaning that the payload will be executed every time Notepad++ is launched. Module Options msf use...

7AI score
Exploits0
NVD
NVD
added 2025/11/20 9:16 p.m.2 views

CVE-2025-63685

Quark Cloud Drive v3.23.2 has a DLL Hijacking vulnerability. This vulnerability stems from the insecure loading of system libraries. Specifically, the application does not validate the path or signature of regsvr32.exe it loads. An attacker can place a crafted malicious DLL in the application's...

9.8CVSS0.00322EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/11/20 1:25 a.m.7 views

CVE-2025-12852

DLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX All Verisons allows a attacker to manipulate the PC environment to cause unintended operations on the user's device...

8.4CVSS6.8AI score0.00122EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/20 12:0 a.m.8 views

PT-2025-47633

Name of the Vulnerable Software and Affected Versions Quark Cloud Drive version 3.23.2 Description The software contains a flaw due to insecure loading of system libraries. The application does not validate the path or signature of regsvr32.exe when loading it. An attacker could place a malicious...

9.8CVSS6.6AI score0.00322EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/11/20 12:0 a.m.6 views

Alibaba Quark Cloud Drive 安全漏洞

Alibaba Quark Cloud Drive is an online disk software from Chinese company Alibaba. A security vulnerability exists in Alibaba Quark Cloud Drive version v3.23.2, which originates from insecure loading of system libraries and could lead to a DLL hijacking attack...

9.8CVSS6.6AI score0.00322EPSS
Exploits1References2
CVE
CVE
added 2025/11/20 12:0 a.m.19 views

CVE-2025-63685

CVE-2025-63685 affects Quark Cloud Drive v3.23.2. The vulnerability is a DLL hijack caused by insecure loading of system libraries: the app does not validate the path or signature of regsvr32.exe, allowing a malicious DLL placed in the startup directory to be loaded and executed when the program ...

9.8CVSS6.5AI score0.00322EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/11/18 7:39 a.m.8 views

CVE-2025-10089 Malicious Code Execution Vulnerability in Setting and Operation Application for Lighting Control System MILCO.S

Uncontrolled Search Path Element Vulnerability in Setting and Operation Application for Lighting Control System MILCO.S Setting Application all versions, MILCO.S Setting Application IR all versions, MILCO.S Easy Setting Application IR all versions, and MILCO.S Easy Switch Application IR all...

7.7CVSS0.00123EPSS
Exploits0References2
Rows per page
Query Builder