Lucene search
K

1216 matches found

OSV
OSV
added 2022/01/31 8:15 a.m.2 views

CVE-2021-27971

Alps Alpine Touchpad Driver 10.3201.101.215 is vulnerable to DLL Injection...

7.8CVSS5.8AI score0.00403EPSS
Exploits0References1
OSV
OSV
added 2022/01/28 8:15 p.m.5 views

CVE-2021-44463

Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege escalation on the DeltaV Distributed Control System Controllers and Workstations All versions when some DeltaV services are started...

7.3CVSS5.8AI score0.00263EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/01/26 3:15 p.m.3 views

CVE-2021-45975

In ListCheck.exe in Acer Care Center 4.x before 4.00.3038, a vulnerability in the loading mechanism of Windows DLLs could allow a local attacker to perform a DLL hijacking attack. This vulnerability is due to incorrect handling of directory search paths at run time. An attacker could exploit this...

7.8CVSS7.7AI score0.00604EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2022/01/11 5:15 p.m.6 views

CVE-2022-0129

Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library DLL gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process wa...

7.4CVSS6.6AI score0.0028EPSS
Exploits0References2
OSV
OSV
added 2022/01/11 5:15 p.m.5 views

CVE-2022-0129

Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library DLL gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process wa...

6.7CVSS6.7AI score0.0028EPSS
Exploits0References1
Prion
Prion
added 2022/01/11 5:15 p.m.21 views

Path traversal

Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library DLL gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process wa...

7.2CVSS6.4AI score0.0028EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/01/11 12:0 a.m.7 views

McAfee TechCheck 代码问题漏洞

McAfee TechCheck is a software from McAfee USA to keep your computer running smoothly. It is used to diagnose machine problems. A code issue vulnerability exists in versions prior to McAfee TechCheck 4.0.0.2 that allows local administrators to load their own Dynamic Link Library DLL to gain...

7.4CVSS5.7AI score0.0028EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/12/09 12:0 a.m.4 views

Autodesk Navisworks 缓冲区错误漏洞

Autodesk Navisworks is a 3D model review software for architecture, engineering and construction from Autodesk, Inc. A code issue vulnerability exists in Autodesk Navisworks, which can be exploited by attackers to execute code via a maliciously crafted DLL file...

7.8CVSS5.9AI score0.01437EPSS
Exploits0References4
NCSC
NCSC
added 2021/12/09 12:0 a.m.4 views

Vulnerability fixed in SonicWall Global VPN Client

A vulnerability has been fixed in SonicWall Global VPN Client. The vulnerability is in the handling of specific DLL files. A local malicious party can exploit the vulnerability to execute arbitrary code. SonicWall has released updates to fix the vulnerability fix in Global VPN Client 4.10.7. More...

7.8CVSS6.5AI score0.00851EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/12/01 12:0 a.m.4 views

The vulnerability of Adobe Illustrator CC 2019’s graphic editor lies in its insecure method of searching for paths to DLL libraries. This allows attackers to exploit their privileges.

The vulnerability of Adobe Illustrator CC 2019 is related to a unsafe procedure for searching paths to DLL libraries. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.2AI score0.00779EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/25 12:0 a.m.4 views

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to a insecure process for finding libraries containing DLL paths. This allows attackers to execute arbitrary code.

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to a insecure process for locating libraries in DLL files. Exploiting these vulnerabilities can allow attackers to...

7.8CVSS7.7AI score0.01716EPSS
Exploits0References3Affected Software2
Positive Technologies
Positive Technologies
added 2021/11/10 12:0 a.m.5 views

PT-2021-19550 · Mcafee · Mcafee Drive Encryption

Name of the Vulnerable Software and Affected Versions: McAfee Drive Encryption MDE versions prior to 7.3.0 HF2 7.3.0.183 Description: The issue allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder. This is due to a DLL Search Order Hijacking...

7.8CVSS7.9AI score0.00191EPSS
Exploits0References4
OSV
OSV
added 2021/11/03 8:15 p.m.2 views

CVE-2021-38416

Delta Electronics DIALink versions 1.2.4.0 and prior insecurely loads libraries, which may allow an attacker to use DLL hijacking and takeover the system where the software is installed...

7.8CVSS5.8AI score0.00246EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/10/14 12:0 a.m.5 views

Trend Micro Apex One 安全漏洞

Trend Micro Apex One is a suite of endpoint security protection software from Trend Micro that provides automated threat detection and response capabilities. A security vulnerability exists in Trend Micro Apex One that stems from incorrect privilege assignment. The vulnerability can be exploited ...

7.8CVSS7.4AI score0.00338EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/09/28 12:0 a.m.5 views

SupportAssist Client 代码问题漏洞

Dell SupportAssist Client is a client application from Dell DELL, USA. The program provides automated, proactive and predictive techniques for troubleshooting, etc. Dell SupportAssist Client has a code issue vulnerability that can be exploited by attackers to load arbitrary .dll files using .dll...

7.8CVSS7.7AI score0.00471EPSS
Exploits0References1
OSV
OSV
added 2021/09/23 3:15 p.m.3 views

CVE-2021-26750

DLL hijacking in Panda Agent =1.16.11 in Panda Security, S.L.U. Panda Adaptive Defense 360 = 8.0.17 allows attacker to escalate privileges via maliciously crafted DLL file...

7.8CVSS5.8AI score0.00249EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/09/23 12:0 a.m.3 views

Panda Security Antivirus代码问题漏洞

Panda Security Antivirus is a suite of antivirus software from the Spanish company Panda Security. A security vulnerability exists in Panda Securit, which can be exploited by an attacker to escalate privileges via a maliciously crafted DLL file...

7.8CVSS7.4AI score0.00249EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/09/22 12:0 a.m.4 views

Mcafee McAfee Agent 数据伪造问题漏洞

Mcafee McAfee Agent MA is a Mcafee client component that provides secure communication between ePolicy Orchestrator antivirus management platform and managed products. A Data Forgery Issue vulnerability previously existed in McAfee Agent for Windows version 5.7.4, which could allow a local user t...

8.2CVSS7.9AI score0.00234EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/09/08 12:0 a.m.4 views

LINE for Windows 代码问题漏洞

LINE for Windows is a Windows-based instant messaging application from Japanese company LINE. A security vulnerability exists in LINE for Windows 6.2.1.2289 and earlier, which allows execution of arbitrary code via injection from a malicious DLL...

7.8CVSS7.9AI score0.00403EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/09/02 12:0 a.m.4 views

The vulnerability of the VideoXpert OpsCenter software, related to an uncontrolled element in the search process, allows a intruder to execute arbitrary code using specially uploaded DLL files.

The vulnerability of the VideoXpert OpsCenter surveillance system software is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow a perpetrator to execute arbitrary code using specially uploaded DLL files...

6.4CVSS7.6AI score0.00943EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder