1216 matches found
PT-2023-2927 · Microsoft +4 · .Net Framework +4
Name of the Vulnerable Software and Affected Versions: Microsoft .NET affected versions not specified Description: The issue is related to incorrect handling of the path search for DLL libraries in the Microsoft .NET platform. This can allow an attacker to execute arbitrary code. Recommendations:...
CVE-2023-0213
Elevation of privilege issue in M-Files Installer versions before 22.6 on Windows allows user to gain SYSTEM privileges via DLL hijacking...
The vulnerability of the online document editor ONLYOFFICE Docs, related to the use of an unreliable search path, allows a perpetrator to execute arbitrary code.
The vulnerability of the online text document editor ONLYOFFICE Docs is related to the use of an unreliable search path. Exploiting this vulnerability allows a attacker to execute arbitrary code by replacing the legitimate DLL file with a malicious library...
Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection
Threat activity clusters affiliated with the Chinese and Russian cybercriminal ecosystems have been observed using a new piece of malware that's designed to load Cobalt Strike onto infected machines. Dubbed SILKLOADER by Finnish cybersecurity company WithSecure, the malware leverages DLL...
CVE-2023-24578
McAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL sideloading. This could enable a user with lower privileges to execute unauthorized tasks...
The vulnerability of the Dell GeoDrive local file system, related to an uncontrolled DLL search path, allows a perpetrator to execute arbitrary code.
The vulnerability of the Dell GeoDrive local file system is related to an uncontrolled DLL search path. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
Infoblox BloxOne Endpoint 代码问题漏洞
Infoblox BloxOne Endpoint is a lightweight mobile agent from Infoblox USA. Redirects DNS traffic from remote devices to the BloxOne Threat Defense Cloud. A security vulnerability exists in Infoblox BloxOne Endpoint for Windows versions prior to 2.2.7, which stems from a DLL injection on this...
Siemens Solid Edge 缓冲区错误漏洞
Siemens Solid Edge is a 3D CAD software from Siemens Germany. The software can be used in industries such as part design, assembly design, sheet metal design, welding design, etc. An out-of-bounds read vulnerability exists in Siemens Solid Edge due to the Datakit CrossCadWarex64.dll used in the...
SUSE CVE-2014-1520
maintenserviceinstaller.exe in the Maintenance Service Installer in Mozilla Firefox before 29.0 and Firefox ESR 24.x before 24.5 on Windows allows local users to gain privileges by placing a Trojan horse DLL file into a temporary directory at an unspecified point in the update process...
SUSE CVE-2019-4732
IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing ...
SUSE CVE-2019-9634
Go through 1.12 on Windows misuses certain LoadLibrary functionality, leading to DLL injection...
The vulnerability of the Jt1001.dll library, which is used by development tools for applications such as JT Utilities, JT Open Toolkit (JTTK), and Solid Edge, allows a hacker to execute arbitrary code.
The vulnerability of the Jt1001.dll library, which is part of the JT Utilities, JT Open Toolkit JTTK, and Solid Edge development tools, arises due to an operation that goes beyond the buffer in memory. Exploiting this vulnerability allows a attacker to execute arbitrary code using a specially...
The installers of ELECOM Camera Assistant and QuickFileDealer may insecurely load Dynamic Link Libraries
Overview The installers of ELECOM Camera Assistant and QuickFileDealer provided by ELECOM CO.,LTD. contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Tomohisa Hasegawa of Canon IT Solutions Inc. reported this vulnerability to IPA...
ELECOM Camera Assistant 代码问题漏洞
ELECOM Camera Assistant is a software from ELECOM that enables more efficient use of webcams. A security vulnerability exists in ELECOM Camera Assistant version 1.00 and QuickFileDealer versions 1.2.1 and earlier, which stems from an untrusted search path vulnerability that can be exploited by an...
PT-2023-5951 · Git · Git For Windows
Name of the Vulnerable Software and Affected Versions: Git for Windows versions prior to 2.39.2 Description: The issue is related to the Windows port of the revision control system Git. By carefully crafting a DLL and placing it into a subdirectory of a specific name next to the Git for Windows...
CVE-2022-31611
NVIDIA GeForce Experience contains an uncontrolled search path vulnerability in all its client installers, where an attacker with user level privileges may cause the installer to load an arbitrary DLL when the installer is launched. A successful exploit of this vulnerability could lead to...
NVIDIA GeForce Experience 代码问题漏洞
NVIDIA GeForce Experience is a set of automatic graphics card update tools from NVIDIA. The product can automatically update graphics card drivers and support graphics card performance management and optimization, among other things. A security vulnerability exists in NVIDIA GeForce Experience,...
CVE-2023-22283
On versions beginning in 7.1.5 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client for Windows. User interaction and administrative privileges are required to exploit this vulnerability because the victim user needs to run the executable on the system and the attacke...
CVE-2022-34396
Dell OpenManage Server Administrator OMSA version 10.3.0.0 and earlier contains a DLL Injection Vulnerability. A local low privileged authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated...
Chat Server 代码问题漏洞
Chat Server is ramank775 individual developer's chat server based on microservices architecture, supports high availability, high throughput, horizontal expansion. A security vulnerability exists in Efs Software Easy Chat Server version 3.1, which originates from a DLL hijacking vulnerability tha...