1215 matches found
PT-2025-50346
Name of the Vulnerable Software and Affected Versions MailEnable versions prior to 10.54 Description MailEnable versions prior to 10.54 have an issue where the software loads DLLs in an insecure manner, potentially allowing a local attacker to execute arbitrary code. Specifically, the MailEnable...
MailEnable 代码问题漏洞
MailEnable is a Windows-based business e-mail server from MailEnable Australia. MailEnable suffers from a MailEnable Insecure DLL Load vulnerability that can be exploited by an attacker to cause local arbitrary code execution...
MailEnable 代码问题漏洞
MailEnable is a Windows-based business e-mail server from MailEnable Australia. MailEnable suffers from an insecure DLL loading vulnerability that can be exploited by an attacker to cause local arbitrary code execution...
PT-2025-50347
Name of the Vulnerable Software and Affected Versions MailEnable versions prior to 10.54 Description MailEnable versions prior to 10.54 have an unsafe DLL loading issue that could allow a local attacker to execute arbitrary code. The MailEnable administrative executable loads MEAIAU.DLL from the...
MailEnable 代码问题漏洞
MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a code issue vulnerability that stems from an insecure DLL loading mechanism that can be exploited by an attacker to...
PT-2025-50235
Name of the Vulnerable Software and Affected Versions COMMAX UMS Client ActiveX Control version 1.7.0.2 Description The COMMAX UMS Client ActiveX Control contains a heap-based buffer overflow issue. An attacker can execute arbitrary code by supplying overly long string arrays through multiple...
ValleyRAT Campaign Targets Job Seekers, Abuses Foxit PDF Reader for DLL Side-loading
Job seekers looking out for opportunities might instead find their personal devices compromised, as a ValleyRAT campaign propagated through email leverages Foxit PDF Reader for concealment and DLL side-loading for initial entry...
PureRAT Campaign Targets Job Seekers, Abuses Foxit PDF Reader for DLL Side-loading
Job seekers looking out for opportunities might instead find their personal devices compromised, as a PureRAT campaign propagated through email leverages Foxit PDF Reader for concealment and DLL side-loading for initial entry...
CVE-2025-11772
A carefully crafted DLL, copied to C:\ProgramData\Synaptics folder, allows a local user to execute arbitrary code with elevated privileges during driver installation...
CVE-2025-64772
The installer of INZONE Hub 1.0.10.3 to 1.0.17.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer...
Synaptics Fingerprint Driver 安全漏洞
Synaptics Fingerprint Driver is a regional touch and swipe fingerprint driver from Synaptics, Inc. A security vulnerability exists in Synaptics Fingerprint Driver that originates from a specially crafted DLL file that can be exploited by a local user, potentially resulting in elevated privileges...
CVE-2025-59485
Incorrect default permissions issue exists in Security Point Windows of MaLion prior to Ver.5.3.4. If this vulnerability is exploited, an arbitrary file could be placed in the specific folder by a user who can log in to the system where the product's Windows client is installed. If the file is a...
CVE-2025-63685
Quark Cloud Drive v3.23.2 has a DLL Hijacking vulnerability. This vulnerability stems from the insecure loading of system libraries. Specifically, the application does not validate the path or signature of regsvr32.exe it loads. An attacker can place a crafted malicious DLL in the application's...
Notepad++ Plugin Persistence
This module create persistence by adding a malicious plugin to Notepad++, as it blindly loads and executes DLL from its plugin directory on startup, meaning that the payload will be executed every time Notepad++ is launched. Module Options msf use...
CVE-2025-63685
Quark Cloud Drive v3.23.2 has a DLL Hijacking vulnerability. This vulnerability stems from the insecure loading of system libraries. Specifically, the application does not validate the path or signature of regsvr32.exe it loads. An attacker can place a crafted malicious DLL in the application's...
CVE-2025-12852
DLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX All Verisons allows a attacker to manipulate the PC environment to cause unintended operations on the user's device...
PT-2025-47633
Name of the Vulnerable Software and Affected Versions Quark Cloud Drive version 3.23.2 Description The software contains a flaw due to insecure loading of system libraries. The application does not validate the path or signature of regsvr32.exe when loading it. An attacker could place a malicious...
Alibaba Quark Cloud Drive 安全漏洞
Alibaba Quark Cloud Drive is an online disk software from Chinese company Alibaba. A security vulnerability exists in Alibaba Quark Cloud Drive version v3.23.2, which originates from insecure loading of system libraries and could lead to a DLL hijacking attack...
CVE-2025-63685
CVE-2025-63685 affects Quark Cloud Drive v3.23.2. The vulnerability is a DLL hijack caused by insecure loading of system libraries: the app does not validate the path or signature of regsvr32.exe, allowing a malicious DLL placed in the startup directory to be loaded and executed when the program ...
CVE-2025-10089 Malicious Code Execution Vulnerability in Setting and Operation Application for Lighting Control System MILCO.S
Uncontrolled Search Path Element Vulnerability in Setting and Operation Application for Lighting Control System MILCO.S Setting Application all versions, MILCO.S Setting Application IR all versions, MILCO.S Easy Setting Application IR all versions, and MILCO.S Easy Switch Application IR all...