1215 matches found
PT-2025-47246
Name of the Vulnerable Software and Affected Versions MILCO.S Setting Application all versions MILCO.S Setting Application IR all versions MILCO.S Easy Setting Application IR all versions MILCO.S Easy Switch Application IR all versions Description A security issue exists in the Setting and...
CVE-2025-40827
A vulnerability has been identified in Siemens Software Center All versions V3.5, Solid Edge SE2025 All versions V225.0 Update 10. The affected application is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system...
CVE-2025-60749
DLL Hijacking vulnerability in Trimble SketchUp desktop 2025 via crafted libcef.dll used by sketchupwebhelper.exe...
CVE-2025-60749
DLL Hijacking vulnerability in Trimble SketchUp desktop 2025 via crafted libcef.dll used by sketchupwebhelper.exe...
CVE-2025-60749
Trimble SketchUp Desktop 2025 is affected by a DLL hijacking flaw in sketchup_webhelper.exe via a crafted libcef.dll. Root cause: hijacked DLL loading in SketchUp, allowing code execution within the app context (per PT-2025-44631). Affected component/file: libcef.dll used by sketchup_webhelper.ex...
PT-2025-44631
Name of the Vulnerable Software and Affected Versions Trimble SketchUp desktop version 2025 Description A DLL hijacking issue exists in Trimble SketchUp desktop 2025. This occurs due to a crafted libcef.dll file being used by sketchup webhelper.exe. An attacker could potentially leverage this to...
CVE-2025-62776
The installer of WTW EAGLE for Windows 3.0.8.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application...
EUVD-2025-36592
The installer of WTW EAGLE for Windows 3.0.8.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application...
Docker Desktop for Windows < 4.49.0 Privilege Escalation (CVE-2025-9164)
The version of Docker Desktop for Windows installed on the remote host is prior to 4.49.0. It is, therefore, affected by a privilege escalation vulnerability: - Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs i...
CVE-2025-9164 Multiple DLL Search Order Hijacking Vulnerabilities in Docker Desktop Installer for Windows
Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement.This issue affects Docker...
PT-2025-43961
Name of the Vulnerable Software and Affected Versions Docker Desktop versions through 4.48.0 Description The Docker Desktop Installer.exe is susceptible to a DLL hijacking issue stemming from an insecure DLL search order. The installer prioritizes searching for necessary DLLs within the user's...
Installer of AutoDownloader may insecurely load Dynamic Link Libraries
Overview Installer of AutoDownloader provided by Panasonic Connect Co., Ltd. contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2025-11223 Kazuma Matsumoto of GMO Cybersecurity ...
CVE-2025-10581
A potential DLL hijacking vulnerability was discovered in the Lenovo PC Manager during an internal security assessment that could allow a local authenticated user to execute code with elevated privileges...
CVE-2025-26859
RemoteView PC Application Console versions prior to 6.0.2 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
CVE-2025-26860
RemoteCall Remote Support Program for Operator versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
CVE-2025-26861
CVE-2025-26861 affects RemoteCall Remote Support Program (for Operator). The vulnerability is an uncontrolled search path element (CWE-427) in versions prior to 5.3.0, which could allow arbitrary code execution if a crafted DLL is placed in the same folder as the affected product. Public sources ...
PT-2025-42233
RemoteCall Remote Support Program for Operator versions prior to 5.3.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
PT-2025-42231
RemoteView PC Application Console versions prior to 6.0.2 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
CVE-2025-57716
An Uncontrolled Search Path Element vulnerability CWE-427 in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder...
CVE-2025-57716
An Uncontrolled Search Path Element vulnerability CWE-427 in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder...