Lucene search
K

1216 matches found

OSV
OSV
added 2022/07/14 3:15 p.m.1 views

ALPINE-CVE-2022-32223

Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine: OpenSSL has been installed and “C:\Program Files\Common Files\SSL\openssl.cnf”...

7.3CVSS7AI score0.01596EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2022/07/13 12:0 a.m.3 views

The vulnerability of the DLL library of the Microprogramming Software for Sensor Panels from AutomationDirect C-More series EA9 HMI allows a hacker to execute arbitrary code during the installation process.

The vulnerability of the DLL library of C-More sensor panel microprogramming systems series EA9 HMI is related to an uncontrolled search path element. Exploiting this vulnerability could allow a attacker to execute arbitrary code during the installation process...

7.8CVSS7.6AI score0.00337EPSS
Exploits0References3Affected Software12
OSV
OSV
added 2022/07/12 11:15 p.m.0 views

CVE-2022-22045

Windows.Devices.Picker.dll Elevation of Privilege Vulnerability...

7.8CVSS7.3AI score0.005EPSS
Exploits0References1
OSV
OSV
added 2022/06/15 9:15 p.m.4 views

CVE-2022-22788

The Zoom Opener installer is downloaded by a user from the Launch meeting page, when attempting to join a meeting without having the Zoom Meeting Client installed. The Zoom Opener installer for Zoom Client for Meetings before version 5.10.3 and Zoom Rooms for Conference Room for Windows before...

7.8CVSS7.3AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/14 12:0 p.m.4 views

CVE-2022-22788

The Zoom Opener installer is downloaded by a user from the Launch meeting page, when attempting to join a meeting without having the Zoom Meeting Client installed. The Zoom Opener installer for Zoom Client for Meetings before version 5.10.3 and Zoom Rooms for Conference Room for Windows before...

7.8CVSS7.4AI score0.01417EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/06/13 2:15 p.m.3 views

CVE-2022-24077

Naver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL injection...

7.8CVSS6AI score0.00292EPSS
Exploits0References2
OSV
OSV
added 2022/06/07 7:15 p.m.3 views

CVE-2022-30744

DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to version 2.6.4.220431 allows attacker to execute arbitrary code...

7.8CVSS7.3AI score0.00234EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/06/07 12:0 a.m.3 views

Samsung Kies 代码问题漏洞

Samsung Kies is an application from the South Korean company Samsung Samsung for data synchronization between devices. The program is mainly used to connect Samsung devices with computers and supports features such as file management and device updates. A DLL hijacking vulnerability exists in...

7.8CVSS6.1AI score0.00234EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/06/05 10:15 p.m.1 views

CVE-2022-32291

In Real Player through 20.1.0.312, attackers can execute arbitrary code by placing a UNC share pathname for a DLL file in a RAM file...

8.8CVSS5.8AI score0.01503EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/06/03 3:17 a.m.1 views

Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service

Overview Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Privilege escalation and arbitrary DLL loading due to an incorrect...

7.8CVSS7.1AI score0.00377EPSS
Exploits0References8
CNNVD
CNNVD
added 2022/05/26 12:0 a.m.2 views

Trend Micro Apex One 安全漏洞

Trend Micro Apex One is an endpoint protection software from Trend Micro. A security vulnerability exists in Trend Micro Apex One that originates from a misassigned privilege in the service. A local attacker could exploit the vulnerability by loading a DLL on an affected installation to achieve...

7.8CVSS7.3AI score0.00288EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/05/24 7:15 p.m.5 views

CVE-2022-23050

ManageEngine AppManager15 Build No:15510 allows an authenticated admin user to upload a DLL file to perform a DLL hijack attack inside the 'working' folder through the 'Upload Files / Binaries' functionality...

7.2CVSS5.8AI score0.04646EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/05/24 12:0 a.m.3 views

Telecommunication Software SAMwin Contact Center Suite 信任管理问题漏洞

Telecommunication Software SAMwin Contact Center Suite is a highly versatile and flexible contact center software solution from Telecommunication Software. A security vulnerability exists in Telecommunication Software SAMwin Contact Center Suite version 5.1, which stems from a function...

9.1CVSS8.2AI score0.00741EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/05/23 12:0 a.m.3 views

Quick Heal 代码问题漏洞

Quick Heal is an antivirus software from Quick Heal that provides IT security solutions for your PC, Mac, phone, tablet and corporate network. A code issue vulnerability exists in versions prior to Quick Heal Total Security 12.1.1.27, which stems from a lack of privilege control during applicatio...

7.9CVSS7.5AI score0.00279EPSS
Exploits0References3
OSV
OSV
added 2022/05/20 1:15 p.m.4 views

CVE-2022-29028

A vulnerability has been identified in JT2Go All versions V13.3.0.3, Teamcenter Visualization V13.3 All versions V13.3.0.3, Teamcenter Visualization V14.0 All versions V14.0.0.1. The TiffLoader.dll is vulnerable to infinite loop condition while parsing specially crafted TIFF files. An attacker...

5.5CVSS5.7AI score0.00497EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/05/20 12:0 a.m.4 views

Avast Premium Security 代码问题漏洞

Avast Premium Security is an application from the Czech company Avast. Avast Premium Security suffers from a DLL hijacking vulnerability that originates when the instup.exe and wscproxy.exe processes attempt to load a DLL by failing to specify the absolute path to the DLL. An attacker could use...

6.5CVSS6.2AI score0.00277EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/05/20 12:0 a.m.7 views

The vulnerability of the Git distributed version control system’s uninstaller allows a hacker to increase their privileges.

The vulnerability of the Git distributed version control system’s uninstaller is related to an uncontrolled element in the loading process of DLL libraries. Exploiting this vulnerability can allow attackers to enhance their privileges using specially created malicious files with the extension .dl...

7.8CVSS7.5AI score0.0135EPSS
Exploits0References6Affected Software5
OSV
OSV
added 2022/05/05 5:15 p.m.3 views

CVE-2022-28714

On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions prior to 7.2.1.5, a DLL Hijacking vulnerability exists in...

7.8CVSS5.8AI score0.00288EPSS
Exploits0References1
OSV
OSV
added 2022/04/27 3:15 p.m.6 views

CVE-2022-29505

Due to build misconfiguration in openssl dependency, LINE for Windows before 7.8 is vulnerable to DLL injection that could lead to privilege escalation...

7.8CVSS7.1AI score0.00481EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/04/22 12:0 a.m.4 views

Lenovo PCManager 代码问题漏洞

Lenovo Lenovo Pcmanager Lenovo Computer Manager is a software from Lenovo, China that allows for comprehensive management of Pc devices. A security vulnerability exists in versions prior to Lenovo Pcmanager 4.0.40.2175, which stems from a DLL search path vulnerability in the application. An...

7.8CVSS7.4AI score0.00237EPSS
Exploits0References2
Rows per page
Query Builder