1216 matches found
CVE-2021-27971
Alps Alpine Touchpad Driver 10.3201.101.215 is vulnerable to DLL Injection...
CVE-2021-44463
Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege escalation on the DeltaV Distributed Control System Controllers and Workstations All versions when some DeltaV services are started...
CVE-2021-45975
In ListCheck.exe in Acer Care Center 4.x before 4.00.3038, a vulnerability in the loading mechanism of Windows DLLs could allow a local attacker to perform a DLL hijacking attack. This vulnerability is due to incorrect handling of directory search paths at run time. An attacker could exploit this...
CVE-2022-0129
Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library DLL gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process wa...
CVE-2022-0129
Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library DLL gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process wa...
Path traversal
Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library DLL gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process wa...
McAfee TechCheck 代码问题漏洞
McAfee TechCheck is a software from McAfee USA to keep your computer running smoothly. It is used to diagnose machine problems. A code issue vulnerability exists in versions prior to McAfee TechCheck 4.0.0.2 that allows local administrators to load their own Dynamic Link Library DLL to gain...
Autodesk Navisworks 缓冲区错误漏洞
Autodesk Navisworks is a 3D model review software for architecture, engineering and construction from Autodesk, Inc. A code issue vulnerability exists in Autodesk Navisworks, which can be exploited by attackers to execute code via a maliciously crafted DLL file...
Vulnerability fixed in SonicWall Global VPN Client
A vulnerability has been fixed in SonicWall Global VPN Client. The vulnerability is in the handling of specific DLL files. A local malicious party can exploit the vulnerability to execute arbitrary code. SonicWall has released updates to fix the vulnerability fix in Global VPN Client 4.10.7. More...
The vulnerability of Adobe Illustrator CC 2019’s graphic editor lies in its insecure method of searching for paths to DLL libraries. This allows attackers to exploit their privileges.
The vulnerability of Adobe Illustrator CC 2019 is related to a unsafe procedure for searching paths to DLL libraries. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to a insecure process for finding libraries containing DLL paths. This allows attackers to execute arbitrary code.
The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to a insecure process for locating libraries in DLL files. Exploiting these vulnerabilities can allow attackers to...
PT-2021-19550 · Mcafee · Mcafee Drive Encryption
Name of the Vulnerable Software and Affected Versions: McAfee Drive Encryption MDE versions prior to 7.3.0 HF2 7.3.0.183 Description: The issue allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder. This is due to a DLL Search Order Hijacking...
CVE-2021-38416
Delta Electronics DIALink versions 1.2.4.0 and prior insecurely loads libraries, which may allow an attacker to use DLL hijacking and takeover the system where the software is installed...
Trend Micro Apex One 安全漏洞
Trend Micro Apex One is a suite of endpoint security protection software from Trend Micro that provides automated threat detection and response capabilities. A security vulnerability exists in Trend Micro Apex One that stems from incorrect privilege assignment. The vulnerability can be exploited ...
SupportAssist Client 代码问题漏洞
Dell SupportAssist Client is a client application from Dell DELL, USA. The program provides automated, proactive and predictive techniques for troubleshooting, etc. Dell SupportAssist Client has a code issue vulnerability that can be exploited by attackers to load arbitrary .dll files using .dll...
CVE-2021-26750
DLL hijacking in Panda Agent =1.16.11 in Panda Security, S.L.U. Panda Adaptive Defense 360 = 8.0.17 allows attacker to escalate privileges via maliciously crafted DLL file...
Panda Security Antivirus代码问题漏洞
Panda Security Antivirus is a suite of antivirus software from the Spanish company Panda Security. A security vulnerability exists in Panda Securit, which can be exploited by an attacker to escalate privileges via a maliciously crafted DLL file...
Mcafee McAfee Agent 数据伪造问题漏洞
Mcafee McAfee Agent MA is a Mcafee client component that provides secure communication between ePolicy Orchestrator antivirus management platform and managed products. A Data Forgery Issue vulnerability previously existed in McAfee Agent for Windows version 5.7.4, which could allow a local user t...
LINE for Windows 代码问题漏洞
LINE for Windows is a Windows-based instant messaging application from Japanese company LINE. A security vulnerability exists in LINE for Windows 6.2.1.2289 and earlier, which allows execution of arbitrary code via injection from a malicious DLL...
The vulnerability of the VideoXpert OpsCenter software, related to an uncontrolled element in the search process, allows a intruder to execute arbitrary code using specially uploaded DLL files.
The vulnerability of the VideoXpert OpsCenter surveillance system software is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow a perpetrator to execute arbitrary code using specially uploaded DLL files...