1217 matches found
The vulnerability of the VideoXpert OpsCenter software, related to an uncontrolled element in the search process, allows a intruder to execute arbitrary code using specially uploaded DLL files.
The vulnerability of the VideoXpert OpsCenter surveillance system software is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow a perpetrator to execute arbitrary code using specially uploaded DLL files...
The vulnerability of the Adobe Animate program for creating multimedia and computer animations lies in the use of an unreliable search path during the loading of dynamic DLL libraries, which allows attackers to exploit their privileges.
The vulnerability of the Adobe Animate program for creating multimedia and computer animations is related to the use of an unreliable search path during the loading of dynamic DLL libraries. Exploiting this vulnerability can allow attackers to gain increased privileges...
The installers of multiple Sony products may insecurely load Dynamic Link Libraries
Overview The installers of multiple Sony products contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Shogo Kumamaru of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...
Foxit Reader和Foxit PhantomPDF 代码问题漏洞
Foxit Reader and Foxit PhantomPDF are both PDF document readers from the Chinese company Foxit. A security vulnerability exists in Foxit Reader and PhantomPDF versions prior to 10.1.4, which stems from the application allowing DLL hijacking...
CVE-2021-1593
A vulnerability in Cisco Packet Tracer for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the Windows system. This vulnerability is due to incorrect handling o...
CVE-2021-29297
Buffer Overflow in Emerson GE Automation Proficy Machine Edition v8.0 allows an attacker to cause a denial of service and application crash via crafted traffic from a Man-in-the-Middle MITM attack to the component "FrameworX.exe" in the module "MSVCR100.dll"...
Emerson GE Automation Proficy Machine 输入验证错误漏洞
Emerson GE Automation Proficy Machine Edition is an application of emerson Inc. an automation solution. An automation solution, an input validation error vulnerability exists in Emerson GE Automation Proficy Machine due to incorrect input validation in Emerson GE Automation Proficy Machine Editio...
CVE-2020-4623
IBM i2 iBase 8.9.13 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking flaw. By using a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 184984...
CVE-2021-25699
The OpenSSL component of the Teradici PCoIP Software Client prior to version 21.07.0 was compiled without the no-autoload-config option, which allowed an attacker to elevate to the privileges of the running process via placing a specially crafted dll in a build configuration directory...
Teradici PCoIP Standard Agent代码问题漏洞
Teradici PCoIP Standard Agent is an agent program for connecting to virtual desktops from Teradici Canada. A code issue vulnerability exists in Teradici PCoIP Standard Agent prior, which could be exploited by an attacker to elevate the privileges of a running process by placing a specially crafte...
Teradici PCoIP Software Agent 代码问题漏洞
The Teradici PCoIP Software Agent is part of the Teradici Cloud Access Software from Teradici Canada. A PCoIP client can be used to connect to virtual desktops either directly or through a connection agent. A code issue vulnerability exists in Teradici PCoIP Software Client that allows an attacke...
CVE-2021-35449
The Lexmark Universal Print Driver version 2.15.1.0 and below, G2 driver 2.7.1.0 and below, G3 driver 3.2.0.0 and below, and G4 driver 4.2.1.0 and below are affected by a privilege escalation vulnerability. A standard low priviliged user can use the driver to execute a DLL of their choosing durin...
CVE-2021-3550
A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.500.5102, that could allow privilege escalation...
CVE-2020-29157
An issue in RAONWIZ K Editor v2018.0.0.10 allows attackers to perform a DLL hijacking attack when the service or system is restarted...
Raonwiz K Upload 代码问题漏洞
Raonwiz K Upload is a file transfer component from Raonwiz Korea.Raonwiz K Editor v2018.0.0.10 contains a security vulnerability that allows an attacker to perform a DLL hijacking attack on service or system restart...
Siemens Jt2go 和 Siemens Teamcenter Visualization 缓冲区错误漏洞
Siemens Jt2go is a JT file viewer.Siemens Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios. An out-of-bounds write vulnerability exists in Siemens JT2Go versions prior to 13.2 and Teamcenter Visualization versions prior to 13.2. The...
The vulnerability of the print spooler driver for Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the Windows Print Spooler in operating systems related to the Windows platform is associated with deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading a malicious DLL library remotely...
McAfee Agent代码问题漏洞
The McAfee McAfee Agent MA is a set of client components from McAfee, Inc. that provides secure communications between ePolicy Orchestrator the antivirus management platform and managed products. A security vulnerability exists in McAfee Agent in versions prior to 5.7.3. The vulnerability stems...
The vulnerability of the development module for construction route planning in the “LOCMAN Construction Planner” tool of the Engineering Data Management and Product Lifecycle management system LOCMAN:PLM lies in its ability to load files of a dangerous type indefinitely, allowing attackers to execute arbitrary codes.
The vulnerability of the development module for manufacturing route planning in the “LOCMAN Rascex” product, within the engineering data management and product lifecycle management system LOCMAN:PLM, relates to the unlimited loading of dangerous files. Exploiting this vulnerability could allow...
The vulnerability of the ksys2.dll library in the KOMPAS-3D 3D modeling system, which is related to the execution of operations outside the buffer in memory, allows a hacker to cause a service failure.
The vulnerability of the ksys2.dll library in the KOMPAS-3D three-dimensional modeling system is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure using a specially crafted CDW format file...