Lucene search
K

1216 matches found

BDU FSTEC
BDU FSTEC
added 2022/11/03 12:0 a.m.6 views

The vulnerability of the iscsicpl.exe executable file of the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the iscsicpl.exe executable file in Windows operating systems is related to the possibility of replacing the DLL file. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

10CVSS5.8AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/10/11 9:15 p.m.3 views

CVE-2022-41181

Due to lack of proper memory management, when a victim opens manipulated Portable Document Format .pdf, PDFPublishing.dll file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the use...

5.5CVSS5.8AI score0.00196EPSS
Exploits0References3Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/10/11 6:8 a.m.3 views

The installer of Sony Content Transfer may insecurely load Dynamic Link Libraries

Overview The installer of Content Transfer for Windows provided by Sony Corporation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Tomohisa Hasegawa of Canon IT Solutions Inc. reported this vulnerability to IPA. JPCERT/CC coordinat...

7.8CVSS7.1AI score0.00204EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/10/11 12:0 a.m.4 views

Sony Content Transfer 代码问题漏洞

SONY Content Transfer is a file transfer software from Sony Japan. It is suitable for customers who manage music, video, photo, and podcast content using iTunes, etc. SONY Content Transfer suffers from a code issue vulnerability that stems from the installer containing a DLL search path issue tha...

7.8CVSS7.8AI score0.00204EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/10/11 12:0 a.m.4 views

PT-2022-5363 · Microsoft · Windows Client Server Run-Time Subsystem +1

Name of the Vulnerable Software and Affected Versions: Windows Client Server Run-time Subsystem CSRSS affected versions not specified Description: The issue is related to an elevation of privilege vulnerability in the Windows Client Server Run-time Subsystem CSRSS. It is associated with an...

7.8CVSS9.6AI score0.09331EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2022/10/11 12:0 a.m.8 views

PT-2022-6468 · Schneider Electric · Ecostruxure Operator Terminal Expert +1

Name of the Vulnerable Software and Affected Versions: EcoStruxure Operator Terminal Expert versions prior to V3.3 Hotfix 1 Pro-face BLUE versions prior to V3.3 Hotfix 1 Description: The issue is related to an improper verification of cryptographic signature in the SGIUtility component. This coul...

7.8CVSS7.4AI score0.0011EPSS
Exploits0References6
OSV
OSV
added 2022/10/10 9:15 p.m.2 views

CVE-2022-41747

An improper certification validation vulnerability in Trend Micro Apex One agents could allow a local attacker to load a DLL file with system service privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in...

7.8CVSS6AI score0.0023EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/10/10 12:0 a.m.3 views

Trend Micro Apex One 信任管理问题漏洞

Trend Micro Apex One is an endpoint protection software from Trend Micro, Inc. Trend Micro Apex One 2019 on-prem, SaaS version has a trust management issue vulnerability that stems from the Apex One agent not being properly authenticated, which could be exploited by an attacker to load DLL files...

7.8CVSS6.8AI score0.0023EPSS
Exploits0References3
OSV
OSV
added 2022/10/07 6:15 p.m.5 views

CVE-2021-40163

A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component...

7.8CVSS6.2AI score0.00242EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/10/07 12:0 a.m.3 views

Autodesk Image Processing 缓冲区错误漏洞

Autodesk Image Processing is an image processing software from Autodesk, Inc. A security vulnerability exists in Autodesk Image Processing that originates from a memory corruption in the Autodesk Image Processing component, which can be exploited by an attacker to execute code via a maliciously...

7.8CVSS7.6AI score0.00242EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/10/07 12:0 a.m.5 views

PT-2022-11197 · Autodesk · Autodesk

Name of the Vulnerable Software and Affected Versions: Autodesk affected versions not specified Description: A Memory Corruption issue may lead to code execution through maliciously crafted DLL files, specifically affecting the Autodesk Image Processing component. Recommendations: At the moment,...

7.8CVSS7.8AI score0.00242EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/09/14 12:0 a.m.5 views

Honeywell SoftMaster 代码问题漏洞

Honeywell SoftMaster is a software from Honeywell USA. A security vulnerability exists in Honeywell SoftMaster version 4.51. The vulnerability can be exploited by an attacker to trick a user into loading a malicious DLL to execute arbitrary code...

8.8CVSS7.8AI score0.00997EPSS
Exploits0References4
OSV
OSV
added 2022/09/13 10:15 p.m.3 views

CVE-2022-38633

Genymotion Desktop v3.2.1 was discovered to contain a DLL hijacking vulnerability which allows attackers to escalate privileges and execute arbitrary code via a crafted binary...

7.8CVSS6AI score0.00232EPSS
Exploits0References1
OSV
OSV
added 2022/09/13 10:15 p.m.4 views

CVE-2022-34101

A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can place a malicious DLL in a certain path to execute code and preform a privilege escalation attack...

7.8CVSS5.9AI score0.00348EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/09/09 12:0 a.m.6 views

SAMSUNG Smart Switch PC 代码问题漏洞

SAMSUNG Smart Switch PC is a Windows software from Samsung South Korea. It is used for data transfer. SAMSUNG Smart Switch PC suffers from a DLL hijacking vulnerability that originates when a process attempts to load a DLL without specifying the absolute path to the DLL. An attacker can exploit...

7.8CVSS7.4AI score0.00217EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/09/09 12:0 a.m.3 views

PT-2022-25035 · Samsung · Smart Switch Pc

Name of the Vulnerable Software and Affected Versions: Smart Switch PC versions prior to 4.3.22083 3 Description: The issue allows an attacker to execute arbitrary code through a DLL hijacking vulnerability. Recommendations: For versions prior to 4.3.22083 3, update to version 4.3.22083 3 or late...

7.8CVSS7.9AI score0.00217EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/07/27 12:0 a.m.11 views

McAfee Agent 代码问题漏洞

McAfee Agent MA is a set of client components from McAfee, Inc. that provides secure communications between ePolicy Orchestrator antivirus management platform and managed products. A code issue vulnerability exists in McAfee Agent MA versions prior to 5.7.7, which stems from a vulnerability that...

8.2CVSS6.1AI score0.00318EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/07/23 12:0 a.m.1 views

Scooter Software Beyond Compare 代码问题漏洞

Scooter Software Beyond Compare is content comparison tool software from Scooter Software. A security vulnerability exists in Scooter Software Beyond Compare versions 1.8a through 4.4.2 prior to 4.4.3 that originates from a DLL hijacking vulnerability in the uninstaller when installing the progra...

7.8CVSS7.3AI score0.00212EPSS
Exploits0References2
OSV
OSV
added 2022/07/18 12:15 a.m.3 views

CVE-2021-42923

ShowMyPC 3606 on Windows suffers from a DLL hijack vulnerability. If an attacker overwrites the file %temp%\ShowMyPC-ShowMyPC3606\wodVPN.dll, it will run any malicious code contained in that file. The code will run with normal user privileges unless the user specifically runs ShowMyPC as...

7.3CVSS5.8AI score0.00206EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/07/15 12:0 a.m.4 views

The vulnerability of the providers.dll library in the Node.js software platform, related to HTTP request processing flaws, allows attackers to execute arbitrary code.

The vulnerability of the providers.dll library in the Node.js software platform is related to an uncontrolled search path during the loading of DLL libraries. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.5CVSS7AI score0.01596EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder