CVE-2026-24694

Roland Cloud Manager, version 3.1.19 and earlier, is affected by an insecure DLL loading issue in its installer that could allow a local attacker to execute arbitrary code with the application’s privileges. Multiple sources corroborate the same description across NVD/Red Hat/CIRCL, with CVSS indi...

Roland Cloud Manager 代码问题漏洞

Roland Cloud Manager is a software management platform developed by the Japanese company Roland. Versions of Roland Cloud Manager 3.1.19 and earlier contained code vulnerabilities due to insecure loading of dynamic link libraries. These vulnerabilities could allow attackers to execute arbitrary...

ESET Inspect Connector security vulnerabilities

ESET Inspect Connector is a lightweight terminal agent component developed by ESET Singapore. There is a security vulnerability in ESET Inspect Connector, which stems from the possibility of loading malicious DLLs due to the embedding of custom configuration files...

Multiple Brother software installers may insecurely load Dynamic Link Libraries

Overview Multiple software installers provided by Brother Industries, Ltd. may insecurely load some dynamic link libraries. Uncontrolled search path element CWE-427 - CVE-2016-2542, CVE-2021-41526 Kazuma Matsumoto of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to Brother...

CVE-2025-33231

NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. A successful exploit of this vulnerability might lead to code execution, escalation of...

CVE-2025-69258

Trend Micro Apex Central is affected by CVE-2025-69258 (LoadLibraryEX). The vulnerability allows an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to code execution under the SYSTEM context on affected installations. Current public details indica...

MailEnable 代码问题漏洞

MailEnable is a Windows-based business e-mail server from MailEnable Australia. MailEnable suffers from an insecure DLL loading vulnerability that can be exploited by an attacker to cause local arbitrary code execution...

Installer of INZONE Hub may insecurely load Dynamic Link Libraries

Overview The installer of INZONE Hub provided by Sony Corporation contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2025-64772 Kazuma Matsumoto of GMO Cybersecurity by IERAE,...

Installer of WTW EAGLE (for Windows) may insecurely load Dynamic Link Libraries

Overview The installer of WTW EAGLE for Windows provided by Wireless Tsukamoto Co., Ltd. contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2025-62776 Kazuma Matsumoto of GMO...

[SECURITY] Fedora 42 Update: mingw-binutils-2.43.1-5.fc42

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

SUSE CVE-2025-23309

NVIDIA Display Driver contains a vulnerability where an uncontrolled DLL loading path might lead to arbitrary denial of service, escalation of privileges, code execution, and data tampering...

EUVD-2021-26910

Malware in sbrugna...

EUVD-2017-9743

Malware in sbrugna...

EUVD-2006-1446

Malware in sbrugna...

EUVD-2020-17873

Malware in sbrugna...

EUVD-2021-26917

Malware in sbrugna...

CVE-2025-9267

The CVE-2025-9267 issue affects Seagate Toolkit on Windows, specifically Toolkit Installer versions prior to 2.35.0.6. The vulnerability arises from loading DLLs from the current working directory without validating origin or integrity, due to insecure DLL loading practices and reliance on relati...

apko is vulnerable to attack through incorrect permissions in /etc/ld.so.cache and other files

It was discovered that the ld.so.cache in images generated by apko had file system permissions mode 0666: bash-5.3 find / -type f -perm -o+w /etc/ld.so.cache This issue was introduced in commit 04f37e2 "generate /etc/ld.so.cache 1629"v0.27.0. Impact This potentially allows a local unprivileged us...

CVE-2024-24916

Untrusted DLLs in the installer's directory may be loaded and executed, leading to potentially arbitrary code execution with the installer's privileges admin...

Sparklabs Viscosity 安全漏洞

Sparklabs Viscosity is an OpenVPN client from Sparklabs Australia. A security vulnerability exists in SparkLabs Viscosity versions prior to 1.11.5, which stems from the possibility of exploiting the Launch Agent to load dynamic libraries to gain limited access to resources...