Lucene search
K

1216 matches found

Positive Technologies
Positive Technologies
added 2023/04/11 12:0 a.m.11 views

PT-2023-2927 · Microsoft +4 · .Net Framework +4

Name of the Vulnerable Software and Affected Versions: Microsoft .NET affected versions not specified Description: The issue is related to incorrect handling of the path search for DLL libraries in the Microsoft .NET platform. This can allow an attacker to execute arbitrary code. Recommendations:...

9.8CVSS6.9AI score0.99999EPSS
Exploits19References165
OSV
OSV
added 2023/03/29 11:15 a.m.3 views

CVE-2023-0213

Elevation of privilege issue in M-Files Installer versions before 22.6 on Windows allows user to gain SYSTEM privileges via DLL hijacking...

7.8CVSS7.1AI score0.00212EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/03/22 12:0 a.m.5 views

The vulnerability of the online document editor ONLYOFFICE Docs, related to the use of an unreliable search path, allows a perpetrator to execute arbitrary code.

The vulnerability of the online text document editor ONLYOFFICE Docs is related to the use of an unreliable search path. Exploiting this vulnerability allows a attacker to execute arbitrary code by replacing the legitimate DLL file with a malicious library...

8.4CVSS7.6AI score0.003EPSS
Exploits1References4Affected Software2
The Hacker News
The Hacker News
added 2023/03/16 3:30 p.m.2 views

Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection

Threat activity clusters affiliated with the Chinese and Russian cybercriminal ecosystems have been observed using a new piece of malware that's designed to load Cobalt Strike onto infected machines. Dubbed SILKLOADER by Finnish cybersecurity company WithSecure, the malware leverages DLL...

7AI score
Exploits0
OSV
OSV
added 2023/03/13 1:15 p.m.3 views

CVE-2023-24578

McAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL sideloading. This could enable a user with lower privileges to execute unauthorized tasks...

5.5CVSS6.2AI score0.00254EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/03/06 12:0 a.m.4 views

The vulnerability of the Dell GeoDrive local file system, related to an uncontrolled DLL search path, allows a perpetrator to execute arbitrary code.

The vulnerability of the Dell GeoDrive local file system is related to an uncontrolled DLL search path. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7CVSS7.5AI score0.00169EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/02/17 12:0 a.m.5 views

Infoblox BloxOne Endpoint 代码问题漏洞

Infoblox BloxOne Endpoint is a lightweight mobile agent from Infoblox USA. Redirects DNS traffic from remote devices to the BloxOne Threat Defense Cloud. A security vulnerability exists in Infoblox BloxOne Endpoint for Windows versions prior to 2.2.7, which stems from a DLL injection on this...

7.8CVSS7.4AI score0.00212EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/02/17 12:0 a.m.3 views

Siemens Solid Edge 缓冲区错误漏洞

Siemens Solid Edge is a 3D CAD software from Siemens Germany. The software can be used in industries such as part design, assembly design, sheet metal design, welding design, etc. An out-of-bounds read vulnerability exists in Siemens Solid Edge due to the Datakit CrossCadWarex64.dll used in the...

5.5CVSS6.5AI score0.0021EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:31 a.m.2 views

SUSE CVE-2014-1520

maintenserviceinstaller.exe in the Maintenance Service Installer in Mozilla Firefox before 29.0 and Firefox ESR 24.x before 24.5 on Windows allows local users to gain privileges by placing a Trojan horse DLL file into a temporary directory at an unspecified point in the update process...

6.9CVSS6.9AI score0.00408EPSS
Exploits3References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:17 a.m.2 views

SUSE CVE-2019-4732

IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing ...

6.5CVSS7.2AI score0.00561EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:14 a.m.2 views

SUSE CVE-2019-9634

Go through 1.12 on Windows misuses certain LoadLibrary functionality, leading to DLL injection...

7.8CVSS9.3AI score0.03326EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2023/02/15 12:0 a.m.7 views

The vulnerability of the Jt1001.dll library, which is used by development tools for applications such as JT Utilities, JT Open Toolkit (JTTK), and Solid Edge, allows a hacker to execute arbitrary code.

The vulnerability of the Jt1001.dll library, which is part of the JT Utilities, JT Open Toolkit JTTK, and Solid Edge development tools, arises due to an operation that goes beyond the buffer in memory. Exploiting this vulnerability allows a attacker to execute arbitrary code using a specially...

7.8CVSS7.8AI score0.00279EPSS
Exploits0References3Affected Software3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/02/14 8:0 a.m.5 views

The installers of ELECOM Camera Assistant and QuickFileDealer may insecurely load Dynamic Link Libraries

Overview The installers of ELECOM Camera Assistant and QuickFileDealer provided by ELECOM CO.,LTD. contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Tomohisa Hasegawa of Canon IT Solutions Inc. reported this vulnerability to IPA...

7.8CVSS7AI score0.00204EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/02/14 12:0 a.m.4 views

ELECOM Camera Assistant 代码问题漏洞

ELECOM Camera Assistant is a software from ELECOM that enables more efficient use of webcams. A security vulnerability exists in ELECOM Camera Assistant version 1.00 and QuickFileDealer versions 1.2.1 and earlier, which stems from an untrusted search path vulnerability that can be exploited by an...

7.8CVSS7.3AI score0.00204EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/02/14 12:0 a.m.6 views

PT-2023-5951 · Git · Git For Windows

Name of the Vulnerable Software and Affected Versions: Git for Windows versions prior to 2.39.2 Description: The issue is related to the Windows port of the revision control system Git. By carefully crafting a DLL and placing it into a subdirectory of a specific name next to the Git for Windows...

7.3CVSS7.4AI score0.00352EPSS
Exploits0References12
OSV
OSV
added 2023/02/07 3:15 a.m.3 views

CVE-2022-31611

NVIDIA GeForce Experience contains an uncontrolled search path vulnerability in all its client installers, where an attacker with user level privileges may cause the installer to load an arbitrary DLL when the installer is launched. A successful exploit of this vulnerability could lead to...

7.3CVSS5.9AI score
Exploits0References1
CNNVD
CNNVD
added 2023/02/07 12:0 a.m.7 views

NVIDIA GeForce Experience 代码问题漏洞

NVIDIA GeForce Experience is a set of automatic graphics card update tools from NVIDIA. The product can automatically update graphics card drivers and support graphics card performance management and optimization, among other things. A security vulnerability exists in NVIDIA GeForce Experience,...

7.3CVSS7.7AI score0.00209EPSS
Exploits0References2
OSV
OSV
added 2023/02/01 6:15 p.m.2 views

CVE-2023-22283

On versions beginning in 7.1.5 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client for Windows. User interaction and administrative privileges are required to exploit this vulnerability because the victim user needs to run the executable on the system and the attacke...

6.5CVSS6.7AI score0.00197EPSS
Exploits0References1
OSV
OSV
added 2023/02/01 6:15 a.m.6 views

CVE-2022-34396

Dell OpenManage Server Administrator OMSA version 10.3.0.0 and earlier contains a DLL Injection Vulnerability. A local low privileged authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated...

7.8CVSS6AI score0.00186EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/01/06 12:0 a.m.6 views

Chat Server 代码问题漏洞

Chat Server is ramank775 individual developer's chat server based on microservices architecture, supports high availability, high throughput, horizontal expansion. A security vulnerability exists in Efs Software Easy Chat Server version 3.1, which originates from a DLL hijacking vulnerability tha...

7.8CVSS7.8AI score0.00387EPSS
Exploits1References2
Rows per page
Query Builder