Lucene search
K

1215 matches found

Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.5 views

PT-2025-47246

Name of the Vulnerable Software and Affected Versions MILCO.S Setting Application all versions MILCO.S Setting Application IR all versions MILCO.S Easy Setting Application IR all versions MILCO.S Easy Switch Application IR all versions Description A security issue exists in the Setting and...

7.7CVSS6.5AI score0.00123EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/11/11 8:20 p.m.4 views

CVE-2025-40827

A vulnerability has been identified in Siemens Software Center All versions V3.5, Solid Edge SE2025 All versions V225.0 Update 10. The affected application is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system...

8.5CVSS0.00141EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/01 12:25 a.m.8 views

CVE-2025-60749

DLL Hijacking vulnerability in Trimble SketchUp desktop 2025 via crafted libcef.dll used by sketchupwebhelper.exe...

7.8CVSS7AI score0.00171EPSS
Exploits1References1
NVD
NVD
added 2025/10/31 3:15 p.m.4 views

CVE-2025-60749

DLL Hijacking vulnerability in Trimble SketchUp desktop 2025 via crafted libcef.dll used by sketchupwebhelper.exe...

7.8CVSS0.00171EPSS
Exploits1References3
CVE
CVE
added 2025/10/31 12:0 a.m.29 views

CVE-2025-60749

Trimble SketchUp Desktop 2025 is affected by a DLL hijacking flaw in sketchup_webhelper.exe via a crafted libcef.dll. Root cause: hijacked DLL loading in SketchUp, allowing code execution within the app context (per PT-2025-44631). Affected component/file: libcef.dll used by sketchup_webhelper.ex...

7.8CVSS6.6AI score0.00171EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/10/31 12:0 a.m.4 views

PT-2025-44631

Name of the Vulnerable Software and Affected Versions Trimble SketchUp desktop version 2025 Description A DLL hijacking issue exists in Trimble SketchUp desktop 2025. This occurs due to a crafted libcef.dll file being used by sketchup webhelper.exe. An attacker could potentially leverage this to...

7.8CVSS7AI score0.00171EPSS
Exploits1References7
NVD
NVD
added 2025/10/29 5:15 a.m.3 views

CVE-2025-62776

The installer of WTW EAGLE for Windows 3.0.8.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application...

8.4CVSS0.00146EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/29 4:29 a.m.5 views

EUVD-2025-36592

The installer of WTW EAGLE for Windows 3.0.8.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application...

8.4CVSS6.9AI score0.00146EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/29 12:0 a.m.4 views

Docker Desktop for Windows < 4.49.0 Privilege Escalation (CVE-2025-9164)

The version of Docker Desktop for Windows installed on the remote host is prior to 4.49.0. It is, therefore, affected by a privilege escalation vulnerability: - Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs i...

8.8CVSS5.5AI score0.00099EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/27 1:53 p.m.4 views

CVE-2025-9164 Multiple DLL Search Order Hijacking Vulnerabilities in Docker Desktop Installer for Windows

Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement.This issue affects Docker...

8.8CVSS6.7AI score0.00099EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/23 12:0 a.m.8 views

PT-2025-43961

Name of the Vulnerable Software and Affected Versions Docker Desktop versions through 4.48.0 Description The Docker Desktop Installer.exe is susceptible to a DLL hijacking issue stemming from an insecure DLL search order. The installer prioritizes searching for necessary DLLs within the user's...

8.8CVSS6.5AI score0.00099EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/10/17 4:38 a.m.5 views

Installer of AutoDownloader may insecurely load Dynamic Link Libraries

Overview Installer of AutoDownloader provided by Panasonic Connect Co., Ltd. contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2025-11223 Kazuma Matsumoto of GMO Cybersecurity ...

8.4CVSS6.9AI score0.00151EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/10/16 2:51 p.m.5 views

CVE-2025-10581

A potential DLL hijacking vulnerability was discovered in the Lenovo PC Manager during an internal security assessment that could allow a local authenticated user to execute code with elevated privileges...

8.5CVSS7AI score0.00141EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/16 6:33 a.m.11 views

CVE-2025-26859

RemoteView PC Application Console versions prior to 6.0.2 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...

8.5CVSS7.8AI score0.00157EPSS
Exploits0References1
NVD
NVD
added 2025/10/15 6:15 a.m.12 views

CVE-2025-26860

RemoteCall Remote Support Program for Operator versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...

8.5CVSS0.00157EPSS
Exploits0References2
CVE
CVE
added 2025/10/15 6:7 a.m.14 views

CVE-2025-26861

CVE-2025-26861 affects RemoteCall Remote Support Program (for Operator). The vulnerability is an uncontrolled search path element (CWE-427) in versions prior to 5.3.0, which could allow arbitrary code execution if a crafted DLL is placed in the same folder as the affected product. Public sources ...

8.5CVSS7.3AI score0.00157EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/15 12:0 a.m.4 views

PT-2025-42233

RemoteCall Remote Support Program for Operator versions prior to 5.3.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...

8.5CVSS7.3AI score0.00157EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/15 12:0 a.m.4 views

PT-2025-42231

RemoteView PC Application Console versions prior to 6.0.2 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...

8.5CVSS7.3AI score0.00157EPSS
Exploits0References3
NVD
NVD
added 2025/10/14 4:15 p.m.6 views

CVE-2025-57716

An Uncontrolled Search Path Element vulnerability CWE-427 in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder...

7.3CVSS0.00161EPSS
Exploits0References1
OSV
OSV
added 2025/10/14 4:15 p.m.3 views

CVE-2025-57716

An Uncontrolled Search Path Element vulnerability CWE-427 in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder...

7.3CVSS5.8AI score0.00161EPSS
Exploits0References1
Rows per page
Query Builder