1216 matches found
The vulnerability of the iscsicpl.exe executable file of the Windows operating system allows a hacker to execute arbitrary code.
The vulnerability of the iscsicpl.exe executable file in Windows operating systems is related to the possibility of replacing the DLL file. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
CVE-2022-41181
Due to lack of proper memory management, when a victim opens manipulated Portable Document Format .pdf, PDFPublishing.dll file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the use...
The installer of Sony Content Transfer may insecurely load Dynamic Link Libraries
Overview The installer of Content Transfer for Windows provided by Sony Corporation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Tomohisa Hasegawa of Canon IT Solutions Inc. reported this vulnerability to IPA. JPCERT/CC coordinat...
Sony Content Transfer 代码问题漏洞
SONY Content Transfer is a file transfer software from Sony Japan. It is suitable for customers who manage music, video, photo, and podcast content using iTunes, etc. SONY Content Transfer suffers from a code issue vulnerability that stems from the installer containing a DLL search path issue tha...
PT-2022-5363 · Microsoft · Windows Client Server Run-Time Subsystem +1
Name of the Vulnerable Software and Affected Versions: Windows Client Server Run-time Subsystem CSRSS affected versions not specified Description: The issue is related to an elevation of privilege vulnerability in the Windows Client Server Run-time Subsystem CSRSS. It is associated with an...
PT-2022-6468 · Schneider Electric · Ecostruxure Operator Terminal Expert +1
Name of the Vulnerable Software and Affected Versions: EcoStruxure Operator Terminal Expert versions prior to V3.3 Hotfix 1 Pro-face BLUE versions prior to V3.3 Hotfix 1 Description: The issue is related to an improper verification of cryptographic signature in the SGIUtility component. This coul...
CVE-2022-41747
An improper certification validation vulnerability in Trend Micro Apex One agents could allow a local attacker to load a DLL file with system service privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in...
Trend Micro Apex One 信任管理问题漏洞
Trend Micro Apex One is an endpoint protection software from Trend Micro, Inc. Trend Micro Apex One 2019 on-prem, SaaS version has a trust management issue vulnerability that stems from the Apex One agent not being properly authenticated, which could be exploited by an attacker to load DLL files...
CVE-2021-40163
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component...
Autodesk Image Processing 缓冲区错误漏洞
Autodesk Image Processing is an image processing software from Autodesk, Inc. A security vulnerability exists in Autodesk Image Processing that originates from a memory corruption in the Autodesk Image Processing component, which can be exploited by an attacker to execute code via a maliciously...
PT-2022-11197 · Autodesk · Autodesk
Name of the Vulnerable Software and Affected Versions: Autodesk affected versions not specified Description: A Memory Corruption issue may lead to code execution through maliciously crafted DLL files, specifically affecting the Autodesk Image Processing component. Recommendations: At the moment,...
Honeywell SoftMaster 代码问题漏洞
Honeywell SoftMaster is a software from Honeywell USA. A security vulnerability exists in Honeywell SoftMaster version 4.51. The vulnerability can be exploited by an attacker to trick a user into loading a malicious DLL to execute arbitrary code...
CVE-2022-38633
Genymotion Desktop v3.2.1 was discovered to contain a DLL hijacking vulnerability which allows attackers to escalate privileges and execute arbitrary code via a crafted binary...
CVE-2022-34101
A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can place a malicious DLL in a certain path to execute code and preform a privilege escalation attack...
SAMSUNG Smart Switch PC 代码问题漏洞
SAMSUNG Smart Switch PC is a Windows software from Samsung South Korea. It is used for data transfer. SAMSUNG Smart Switch PC suffers from a DLL hijacking vulnerability that originates when a process attempts to load a DLL without specifying the absolute path to the DLL. An attacker can exploit...
PT-2022-25035 · Samsung · Smart Switch Pc
Name of the Vulnerable Software and Affected Versions: Smart Switch PC versions prior to 4.3.22083 3 Description: The issue allows an attacker to execute arbitrary code through a DLL hijacking vulnerability. Recommendations: For versions prior to 4.3.22083 3, update to version 4.3.22083 3 or late...
McAfee Agent 代码问题漏洞
McAfee Agent MA is a set of client components from McAfee, Inc. that provides secure communications between ePolicy Orchestrator antivirus management platform and managed products. A code issue vulnerability exists in McAfee Agent MA versions prior to 5.7.7, which stems from a vulnerability that...
Scooter Software Beyond Compare 代码问题漏洞
Scooter Software Beyond Compare is content comparison tool software from Scooter Software. A security vulnerability exists in Scooter Software Beyond Compare versions 1.8a through 4.4.2 prior to 4.4.3 that originates from a DLL hijacking vulnerability in the uninstaller when installing the progra...
CVE-2021-42923
ShowMyPC 3606 on Windows suffers from a DLL hijack vulnerability. If an attacker overwrites the file %temp%\ShowMyPC-ShowMyPC3606\wodVPN.dll, it will run any malicious code contained in that file. The code will run with normal user privileges unless the user specifically runs ShowMyPC as...
The vulnerability of the providers.dll library in the Node.js software platform, related to HTTP request processing flaws, allows attackers to execute arbitrary code.
The vulnerability of the providers.dll library in the Node.js software platform is related to an uncontrolled search path during the loading of DLL libraries. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...