Lucene search
K

1215 matches found

CNNVD
CNNVD
added 2025/09/16 12:0 a.m.2 views

MindManager Windows 安全漏洞

MindManager Windows is a mind mapping tool from the US-based MindManager Inc. A security vulnerability exists in MindManager Windows versions prior to 25.0.208, which stems from a vulnerability that allows an attacker to write a DLL file to the victim's DLL search path, potentially leading to cod...

2.2CVSS7.2AI score0.00127EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/16 12:0 a.m.2 views

CYRISMA Agent 安全漏洞

CYRISMA Agent is a data collection component from CYRISMA USA. A security vulnerability exists in CYRISMA Agent versions prior to 444, which stems from vulnerability to DLL hijacking attacks that could lead to elevation of privilege and execution of arbitrary code...

7.8CVSS7.1AI score0.00138EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/16 12:0 a.m.11 views

CVE-2025-57624

A DLL hijacking vulnerability in CYRISMA Agent before 444 allows local users to escalate privileges and execute arbitrary code via multiple DLLs...

0.00138EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/12 12:21 p.m.3 views

CVE-2025-10215

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\Public\AppData\Local\UPDF\FREngine\Bin64' directory, which could lead to...

7CVSS7.8AI score0.00157EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/11 12:0 a.m.3 views

Lenovo Browser 安全漏洞

Lenovo Browser is a browser from the Chinese company Lenovo Lenovo. It is used to locate, retrieve and display content on the World Wide Web. A security vulnerability exists in Lenovo Browser that stems from the presence of a potential DLL hijacking that could cause a local user to execute code...

8.5CVSS6.8AI score0.00155EPSS
Exploits0References2
NVD
NVD
added 2025/09/10 12:15 p.m.5 views

CVE-2025-10213

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a dxtn.dll file of their choice in the 'C:\Users\AppData\Local\Microsoft\WindowsApps' directory, which could lead to arbitrary...

7.8CVSS0.00157EPSS
Exploits0References1
CVE
CVE
added 2025/09/10 11:39 a.m.20 views

CVE-2025-10215

CVE-2025-10215 affects UPDF.exe for Windows 1.8.5.0. The issue is DLL search path hijacking: an attacker with local access can place a malicious FREngine.dll in C:\Users\Public\AppData\Local\UPDF\FREngine\Bin64\ and trigger arbitrary code execution (and persistence). Several connected sources con...

7.8CVSS7.3AI score0.00157EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/09/10 11:39 a.m.9 views

CVE-2025-10214 DLL search path hijacking vulnerability

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\AppData\Local\UPDF\FREngine\Bin64' directory, which could lead to arbitrary...

7CVSS0.00157EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/10 11:35 a.m.4 views

CVE-2025-40979 DLL search order hijack in Wave by Grandstream Networks

DLL search order hijacking vulnerability in the wave.exe executable for Windows 11, version 1.27.8. Exploitation of this vulnerability could allow attackers with local access to execute arbitrary code by placing an arbitrary file in the 'C:\Users\AppData\Local\Temp' directory, which could lead to...

7CVSS7.4AI score0.0013EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/10 12:0 a.m.5 views

PT-2025-37034

Name of the Vulnerable Software and Affected Versions: UPDF versions 1.8.5.0 Description: A DLL search path hijacking issue exists in the UPDF.exe executable for Windows. Attackers with local access can execute arbitrary code by placing a malicious FREngine.dll file in the directory...

7CVSS7.2AI score0.00157EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/09/10 12:0 a.m.5 views

PT-2025-37033

Name of the Vulnerable Software and Affected Versions: UPDF version 1.8.5.0 Description: A DLL search path hijacking issue exists in the UPDF.exe executable for Windows. An attacker with local access can execute arbitrary code by placing a malicious dxtn.dll file in the...

7CVSS7.2AI score0.00157EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/09/10 12:0 a.m.2 views

UPDF 代码问题漏洞

UPDF is a multi-platform PDF editor from the Chinese company UPDF. A code issue vulnerability exists in UPDF version 1.8.5.0, which stems from DLL search path hijacking and could lead to the execution of arbitrary code...

7.8CVSS7.1AI score0.00157EPSS
Exploits0References1
NVD
NVD
added 2025/09/09 6:15 p.m.6 views

CVE-2025-10198

Sunshine for Windows, version v2025.122.141614, contains a DLL search-order hijacking vulnerability, allowing attackers to insert a malicious DLL in user-writeable PATH directories...

7.8CVSS0.00211EPSS
Exploits0References3
Snyk
Snyk
added 2025/09/08 2:41 p.m.3 views

Buffer Over-read

Overview Affected versions of this package are vulnerable to Buffer Over-read via the DiaSymReader.dll process. An attacker can execute arbitrary code by exploiting a buffer over-read condition when the application processes specially crafted input. This issue affects EOL ASP.NET 6.0.0 = 6.0.36 a...

8.8CVSS8.9AI score0.02262EPSS
Exploits0References2
NVD
NVD
added 2025/09/08 2:15 p.m.6 views

CVE-2025-36853

A vulnerability CVE-2025-21172 exists in msdia140.dll due to integer overflow and heap-based overflow. Per CWE-122: Heap-based Buffer Overflow, a heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning th...

7.5CVSS0.00527EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/08 12:0 a.m.5 views

PT-2025-36469

Name of the Vulnerable Software and Affected Versions: .NET 6.0.0 through 6.0.36 .NET 8.0.0 through 8.0.11 .NET 9.0.0 Description: A buffer over-read issue exists in DiaSymReader.dll. This occurs when a product reads from a buffer using buffer access mechanisms that reference memory locations aft...

8.8CVSS9.1AI score0.02262EPSS
Exploits0References6
Gitee
Gitee
added 2025/09/06 12:58 a.m.181 views

Exploit for Path Traversal in Microsoft

Fully Weaponized CVE-2021-40444 Malicious docx generator to exploit CVE-2021-40444 Microsoft Office Word Remote Code Execution, works with arbitrary DLL files. Update 31/05/2022 - CVE-2022-30190 - Follina Now the generator is able to generate the document required to exploit also the "Follina"...

9.3CVSS8.3AI score0.99374EPSS
Exploits90
RedhatCVE
RedhatCVE
added 2025/08/24 12:13 a.m.4 views

CVE-2025-52095

An issue in PDQ Smart Deploy V.3.0.2040 allows an attacker to escalate privileges via the Credential encryption routines in SDCommon.dll...

9.8CVSS7.4AI score0.00321EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/08/21 8:8 p.m.2 views

CVE-2010-20112 Amlibweb NetOpacs webquery.dll Stack Buffer Overflow

Amlib’s NetOpacs webquery.dll contains a stack-based buffer overflow vulnerability triggered by improper handling of HTTP GET parameters. Specifically, the application fails to enforce bounds on input supplied to the app parameter, allowing excessive data to overwrite memory structures including...

9.3CVSS7.6AI score0.01046EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2025/08/21 10:41 a.m.5 views

Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger

Cybersecurity researchers have disclosed details of a new malware loader called QuirkyLoader that's being used to deliver via email spam campaigns an array of next-stage payloads ranging from information stealers to remote access trojans since November 2024. Some of the notable malware families...

7.7AI score
Exploits0
Rows per page
Query Builder