1215 matches found
MindManager Windows 安全漏洞
MindManager Windows is a mind mapping tool from the US-based MindManager Inc. A security vulnerability exists in MindManager Windows versions prior to 25.0.208, which stems from a vulnerability that allows an attacker to write a DLL file to the victim's DLL search path, potentially leading to cod...
CYRISMA Agent 安全漏洞
CYRISMA Agent is a data collection component from CYRISMA USA. A security vulnerability exists in CYRISMA Agent versions prior to 444, which stems from vulnerability to DLL hijacking attacks that could lead to elevation of privilege and execution of arbitrary code...
CVE-2025-57624
A DLL hijacking vulnerability in CYRISMA Agent before 444 allows local users to escalate privileges and execute arbitrary code via multiple DLLs...
CVE-2025-10215
DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\Public\AppData\Local\UPDF\FREngine\Bin64' directory, which could lead to...
Lenovo Browser 安全漏洞
Lenovo Browser is a browser from the Chinese company Lenovo Lenovo. It is used to locate, retrieve and display content on the World Wide Web. A security vulnerability exists in Lenovo Browser that stems from the presence of a potential DLL hijacking that could cause a local user to execute code...
CVE-2025-10213
DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a dxtn.dll file of their choice in the 'C:\Users\AppData\Local\Microsoft\WindowsApps' directory, which could lead to arbitrary...
CVE-2025-10215
CVE-2025-10215 affects UPDF.exe for Windows 1.8.5.0. The issue is DLL search path hijacking: an attacker with local access can place a malicious FREngine.dll in C:\Users\Public\AppData\Local\UPDF\FREngine\Bin64\ and trigger arbitrary code execution (and persistence). Several connected sources con...
CVE-2025-10214 DLL search path hijacking vulnerability
DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\AppData\Local\UPDF\FREngine\Bin64' directory, which could lead to arbitrary...
CVE-2025-40979 DLL search order hijack in Wave by Grandstream Networks
DLL search order hijacking vulnerability in the wave.exe executable for Windows 11, version 1.27.8. Exploitation of this vulnerability could allow attackers with local access to execute arbitrary code by placing an arbitrary file in the 'C:\Users\AppData\Local\Temp' directory, which could lead to...
PT-2025-37034
Name of the Vulnerable Software and Affected Versions: UPDF versions 1.8.5.0 Description: A DLL search path hijacking issue exists in the UPDF.exe executable for Windows. Attackers with local access can execute arbitrary code by placing a malicious FREngine.dll file in the directory...
PT-2025-37033
Name of the Vulnerable Software and Affected Versions: UPDF version 1.8.5.0 Description: A DLL search path hijacking issue exists in the UPDF.exe executable for Windows. An attacker with local access can execute arbitrary code by placing a malicious dxtn.dll file in the...
UPDF 代码问题漏洞
UPDF is a multi-platform PDF editor from the Chinese company UPDF. A code issue vulnerability exists in UPDF version 1.8.5.0, which stems from DLL search path hijacking and could lead to the execution of arbitrary code...
CVE-2025-10198
Sunshine for Windows, version v2025.122.141614, contains a DLL search-order hijacking vulnerability, allowing attackers to insert a malicious DLL in user-writeable PATH directories...
Buffer Over-read
Overview Affected versions of this package are vulnerable to Buffer Over-read via the DiaSymReader.dll process. An attacker can execute arbitrary code by exploiting a buffer over-read condition when the application processes specially crafted input. This issue affects EOL ASP.NET 6.0.0 = 6.0.36 a...
CVE-2025-36853
A vulnerability CVE-2025-21172 exists in msdia140.dll due to integer overflow and heap-based overflow. Per CWE-122: Heap-based Buffer Overflow, a heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning th...
PT-2025-36469
Name of the Vulnerable Software and Affected Versions: .NET 6.0.0 through 6.0.36 .NET 8.0.0 through 8.0.11 .NET 9.0.0 Description: A buffer over-read issue exists in DiaSymReader.dll. This occurs when a product reads from a buffer using buffer access mechanisms that reference memory locations aft...
Exploit for Path Traversal in Microsoft
Fully Weaponized CVE-2021-40444 Malicious docx generator to exploit CVE-2021-40444 Microsoft Office Word Remote Code Execution, works with arbitrary DLL files. Update 31/05/2022 - CVE-2022-30190 - Follina Now the generator is able to generate the document required to exploit also the "Follina"...
CVE-2025-52095
An issue in PDQ Smart Deploy V.3.0.2040 allows an attacker to escalate privileges via the Credential encryption routines in SDCommon.dll...
CVE-2010-20112 Amlibweb NetOpacs webquery.dll Stack Buffer Overflow
Amlib’s NetOpacs webquery.dll contains a stack-based buffer overflow vulnerability triggered by improper handling of HTTP GET parameters. Specifically, the application fails to enforce bounds on input supplied to the app parameter, allowing excessive data to overwrite memory structures including...
Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger
Cybersecurity researchers have disclosed details of a new malware loader called QuirkyLoader that's being used to deliver via email spam campaigns an array of next-stage payloads ranging from information stealers to remote access trojans since November 2024. Some of the notable malware families...