1215 matches found
NAVER Whale browser Installer 安全漏洞
NAVER Whale browser Installer is a browser installer from the Korean company NAVER. A security vulnerability exists in NAVER Whale browser Installer versions prior to 3.1.0.0, which stems from an improper privilege setting that allows an attacker to execute a malicious DLL in the user's environme...
Acronis Cyber Files 代码问题漏洞
Acronis Cyber Files is a secure file synchronization and sharing solution from Acronis Switzerland. A code issue vulnerability exists in Acronis Cyber Files versions prior to 9.0.0x24 that stems from DLL hijacking leading to local elevation of privilege...
PT-2024-33502 · Acronis · Acronis Cyber Files
Name of the Vulnerable Software and Affected Versions: Acronis Cyber Files Windows versions before 9.0.0x24 Description: The issue is related to a local privilege escalation due to a DLL hijacking vulnerability. This allows an attacker to potentially gain elevated privileges on a system...
Malicious code in lwplugin (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c6d463791b2f4dc4cdb8a0b3961dbb9b956fc3f0e0ad974fc407211ae9d2e3a8 The attached DLL is infected with a very high detection rate --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
CVE-2024-4132
A DLL hijack vulnerability was reported in Lenovo Lock Screen that could allow a local attacker to execute code with elevated privileges...
PT-2024-29130 · Lenovo · Lenovo Super File
Name of the Vulnerable Software and Affected Versions: Lenovo Super File affected versions not specified Description: A DLL hijack vulnerability was reported that could allow a local attacker to execute code with elevated privileges. Recommendations: At the moment, there is no information about a...
PT-2024-39387 · Lenovo · Lenovo Starstudio
Name of the Vulnerable Software and Affected Versions: Lenovo stARstudio affected versions not specified Description: A DLL hijack vulnerability was reported that could allow a local attacker to execute code with elevated privileges. Recommendations: At the moment, there is no information about a...
PT-2024-38611 · Webroot · Webroot Secureanywhere - Web Shield
Name of the Vulnerable Software and Affected Versions: Webroot SecureAnywhere - Web Shield versions prior to 2.1.2.3 Description: The issue is related to an Improper Check for Unusual or Exceptional Conditions vulnerability in the wrURL.Dll modules of Webroot SecureAnywhere - Web Shield, allowing...
PT-2024-31826 · Vegabird · Vegabird Vooki
Name of the Vulnerable Software and Affected Versions: VegaBird Vooki version 5.2.9 Description: A DLL hijacking issue allows attackers to execute arbitrary code and maintain persistence by placing a crafted DLL file in the same directory as Vooki.exe. This enables attackers to potentially gain...
e-Tax Reception System 安全漏洞
The e-Tax Reception System is an electronic tax management system organized by the National Tax Agency NTA of Japan. A security vulnerability exists in e-Tax Reception System that originates from allowing the upload of malicious DLL files...
Acronis Cyber Protect 代码问题漏洞
Acronis Cyber Protect is an all-in-one cyber protection solution for business and enterprise from Acronis Switzerland. Combining backup, anti-malware, network security and endpoint management features such as vulnerability assessment, URL filtering, patch management and more. A code issue...
PT-2024-25642
Name of the Vulnerable Software and Affected Versions Acronis Cyber Protect Cloud Agent Windows versions before build 38235 Description A local privilege escalation issue exists due to a DLL hijacking vulnerability. This can cause local privilege escalation. Recommendations For Acronis Cyber...
CVE-2024-45281
SAP BusinessObjects Business Intelligence Platform allows a high privilege user to run client desktop applications even if some of the DLLs are not digitally signed or if the signature is broken. The attacker needs to have local access to the vulnerable system to perform DLL related tasks. This...
The vulnerability of the Yandex Browser is related to the use of an insecure search path, which allows a hacker to execute arbitrary code.
The vulnerability of the Yandex Browser is related to the use of an insecure search path. Exploiting this vulnerability allows a hacker to execute arbitrary code by loading a specially crafted DLL file...
CVE-2024-7834
A local privilege escalation is caused by Overwolf loading and executing certain dynamic link library files from a user-writeable folder in SYSTEM context on launch. This allows an attacker with unprivileged access to the system to run arbitrary code with SYSTEM privileges by placing a malicious...
CVE-2024-7834 Local privilege escalation in Overwolf
A local privilege escalation is caused by Overwolf loading and executing certain dynamic link library files from a user-writeable folder in SYSTEM context on launch. This allows an attacker with unprivileged access to the system to run arbitrary code with SYSTEM privileges by placing a malicious...
CVE-2024-7834 Local privilege escalation in Overwolf
A local privilege escalation is caused by Overwolf loading and executing certain dynamic link library files from a user-writeable folder in SYSTEM context on launch. This allows an attacker with unprivileged access to the system to run arbitrary code with SYSTEM privileges by placing a malicious...
CVE-2024-7834
The CVE-2024-7834 entry concerns Overwolf. Affected: Overwolf software (frames/SDK) that loads and executes certain DLLs from a user-writable folder during startup, running in SYSTEM context. Root cause: untrusted DLLs placed in the user-writable location are loaded on launch, enabling local priv...
PT-2024-38613 · Overwolf · Overwolf
Name of the Vulnerable Software and Affected Versions: Overwolf affected versions not specified Description: A local privilege escalation issue is caused by Overwolf loading and executing certain dynamic link library files from a user-writeable folder in SYSTEM context on launch. This allows an...
Overwolf 安全漏洞
Overwolf is a framework from the Israeli company Overwolf that supports building games using HTML and JavaScript. A security vulnerability exists in Overwolf versions prior to 250.1.1, which originates from loading and executing certain dynamic link library files from a user-writable folder in th...