Lucene search
K

1215 matches found

CNNVD
CNNVD
added 2025/04/22 12:0 a.m.1 views

DPMA direktPro 安全漏洞

DPMA direktPro is a professional online service of the German Patent and Trademark Office DPMA in Germany for the electronic filing and management of intellectual property-related applications, including patents, trademarks and utility models. A security vulnerability exists in DPMA direktPro...

7.8CVSS6.7AI score0.00154EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/17 3:35 p.m.12 views

CVE-2024-12530 Insecure Dynamic-Link Library (DLL) Load vulnerability

Uncontrolled Search Path Element vulnerability in OpenText Secure Content Manager on Windows allows DLL Side-Loading.This issue affects Secure Content Manager: 23.4. End-users can potentially exploit the vulnerability to execute malicious code in the trusted context of the thick-client applicatio...

7CVSS0.00153EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/17 12:0 a.m.1 views

OpenText Secure Content Manager 代码问题漏洞

OpenText Secure Content Manager is an enterprise content management solution from OpenText Canada. A code issue vulnerability exists in OpenText Secure Content Manager version 23.4, which originates from a DLL side load and could lead to the execution of arbitrary code...

7CVSS7.1AI score0.00153EPSS
Exploits0References1
OSV
OSV
added 2025/04/09 7:15 p.m.5 views

CVE-2025-2630

There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path. This vulnerability affects NI...

7.8CVSS6AI score0.00171EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/09 9:3 a.m.11 views

CVE-2024-11859

DLL Search Order Hijacking vulnerability potentially allowed an attacker with administrator privileges to load a malicious dynamic-link library and execute its code...

8.4CVSS7AI score0.01802EPSS
Exploits0References3
OSV
OSV
added 2025/04/08 3:15 p.m.2 views

CVE-2025-22458

DLL hijacking in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an authenticated attacker to escalate to System...

7.8CVSS5.8AI score0.00388EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2025/04/07 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-11859

DLL Search Order Hijacking vulnerability potentially allowed an attacker with administrator privileges to load a malicious dynamic-link library and execute its code...

8.4CVSS7.3AI score0.01802EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/03/17 12:0 a.m.5 views

The vulnerability of Acronis Cyber Protect Cloud Agent lies in its use of an insecure search path, which allows attackers to escalate their privileges.

The vulnerability of Acronis Cyber Protect Cloud Agent is related to the use of an insecure search path. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created DLL...

6.3CVSS6.5AI score0.00134EPSS
Exploits0References2
OSV
OSV
added 2025/03/04 6:15 p.m.3 views

CVE-2024-10930

An Uncontrolled Search Path Element vulnerability exists which could allow a malicious actor to perform DLL hijacking and execute arbitrary code with escalated privileges...

7.8CVSS6AI score0.00356EPSS
Exploits0References2
OSV
OSV
added 2025/02/22 9:15 p.m.4 views

CVE-2022-28339

Trend Micro HouseCall for Home Networks version 5.3.1302 and below contains an uncontrolled search patch element vulnerability that could allow an attacker with low user privileges to create a malicious DLL that could lead to escalated privileges...

7.8CVSS5.8AI score0.00272EPSS
Exploits0References2
NVD
NVD
added 2025/02/18 7:15 a.m.10 views

CVE-2024-57963

Insecure Loading of Dynamic Link Libraries have been discovered in USB-CONVERTERCABLE DRIVER, which could allow local attackers to potentially disclose information or execute arbitray code on affected systems. This issue affects USB-CONVERTERCABLE DRIVER:...

7.3CVSS0.00166EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/18 12:0 a.m.5 views

Rufus 代码问题漏洞

Rufus is a reliable USB formatting tool from Pete Batard, a personal developer. A code issue vulnerability exists in Rufus version 4.6.2208 and prior versions that stems from not properly validating the DLL load path. An attacker can exploit the vulnerability to execute malicious code...

6.8CVSS7AI score0.00172EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/02/17 12:0 a.m.3 views

PT-2025-6700 · Txone Networks · Stellarprotect +2

Name of the Vulnerable Software and Affected Versions: StellarProtect Legacy Mode versions prior to 3.2 StellarEnforce versions prior to 3.2 Safe Lock versions 3.0.0 through 3.1.1076 Description: The issue is related to improper validation of the integrity check value in TXOne Networks products,...

6.7CVSS7.4AI score0.00094EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/02/16 12:0 a.m.3 views

Insomnia 代码问题漏洞

Insomnia is an open source, cross-platform API client from Insomnia for GraphQL, REST, WebSockets, server-sent events, and gRPC. A code issue vulnerability exists in Insomnia prior to version 10.3.0 that stems from an issue with profapi.dll containing an untrusted search path...

7.3CVSS6.9AI score0.00171EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/02/07 12:0 a.m.2 views

TallyPrime 安全漏洞

TallyPrime is a business management software from Tally, Inc. A security vulnerability exists in TallyPrime version v2.1. An attacker can exploit the vulnerability to execute arbitrary code via a specially crafted DLL...

7.8CVSS7.6AI score0.0018EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/02/07 12:0 a.m.4 views

PT-2025-5990 · Tally · Tally Prime Edit Log

Name of the Vulnerable Software and Affected Versions: Tally Prime Edit Log version 2.1 Description: A DLL hijacking issue was discovered in the TextShaping.dll component, allowing attackers to execute arbitrary code through a manipulated DLL. This issue enables the execution of arbitrary code vi...

7.8CVSS8.2AI score0.0018EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/02/06 12:0 a.m.2 views

NetMod VPN 安全漏洞

NetMod VPN is a powerful and free VPN client from NetMod. A security vulnerability exists in NetMod VPN version 5.3.1, which stems from the inclusion of a DLL injection vulnerability that allows an attacker to execute arbitrary code by placing a malicious DLL in a directory where the application...

7.3CVSS7.9AI score0.00321EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/02/06 12:0 a.m.3 views

PT-2025-5804

Name of the Vulnerable Software and Affected Versions: Defense Platform Home Edition versions 3.9.51.x and earlier Description: The issue is related to an unprotected Windows messaging channel, also known as 'Shatter'. This allows an attacker to send a specially crafted message to a specific...

8.8CVSS7AI score0.00133EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2025/02/05 12:0 a.m.6 views

The vulnerability of the Wazuh intrusion detection and prevention agent, related to access control errors, allows intruders to increase their privileges.

The vulnerability of the Wazuh intrusion detection and prevention agent is related to access control errors. Exploiting this vulnerability can allow attackers to enhance their privileges by placing a specially crafted DLL file in the directory where the installed software resides...

7.8CVSS7AI score0.00255EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/04 10:44 p.m.4 views

CVE-2024-8896

A maliciously crafted DXF file when parsed in acdb25.dll through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process...

7.8CVSS7.5AI score0.00202EPSS
Exploits0References1
Rows per page
Query Builder