CVE-2026-44406

ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.contains a DLL hijacking vulnerability; since...

CVE-2026-27774

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image Windows before build 42902...

CVE-2023-53937

Hubstaff 1.6.14 is affected by a DLL search order hijacking vulnerability that enables replacing the missing system32 wow64log.dll with a malicious library. An attacker could generate a custom DLL (e.g., via Metasploit) and place it in the system32 directory to obtain a reverse shell when the app...

CVE-2025-34417

CVE-2025-34417 affects MailEnable versions prior to 10.54. The issue is an unsafe DLL loading vulnerability where the MailEnable administrative executable loads MEAISO.DLL from its installation directory without sufficient integrity validation or a secure search order. A local attacker with write...

PT-2025-50328

A DLL hijacking vulnerability was reported in the Lenovo App Store and Lenovo Browser applications that could allow a local authenticated user to execute code with elevated privileges under certain conditions...

CVE-2024-21922

A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

EUVD-2025-198124

When the service of ABP and AES is installed in a directory writable by non-administrative users, an attacker can replace or plant a DLL with the same name as one loaded by the service. Upon service restart, the malicious DLL is loaded and executed under the LocalSystem account, resulting in...

CVE-2025-10215

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\Public\AppData\Local\UPDF\FREngine\Bin64' directory, which could lead to...

CVE-2025-10213

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a dxtn.dll file of their choice in the 'C:\Users\AppData\Local\Microsoft\WindowsApps' directory, which could lead to arbitrary...

CVE-2025-10214 DLL search path hijacking vulnerability

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\AppData\Local\UPDF\FREngine\Bin64' directory, which could lead to arbitrary...

CVE-2025-40979 DLL search order hijack in Wave by Grandstream Networks

DLL search order hijacking vulnerability in the wave.exe executable for Windows 11, version 1.27.8. Exploitation of this vulnerability could allow attackers with local access to execute arbitrary code by placing an arbitrary file in the 'C:\Users\AppData\Local\Temp' directory, which could lead to...

PT-2025-37035

Name of the Vulnerable Software and Affected Versions: UPDF versions 1.8.5.0 Description: A DLL search path hijacking issue exists in the UPDF.exe executable for Windows. Attackers with local access can execute arbitrary code by placing a malicious FREngine.dll file in the...

PT-2025-36904

Name of the Vulnerable Software and Affected Versions: Sunshine for Windows version v2025.122.141614 Description: Sunshine for Windows version v2025.122.141614 contains a DLL search-order hijacking vulnerability. This allows attackers to insert a malicious DLL into user-writable PATH directories...

Motorola Software Fix 安全漏洞

Motorola Software Fix is an Android application from Motorola USA. A security vulnerability exists in Motorola Software Fix, which stems from a DLL hijacking vulnerability during the installation process that could lead to elevated privileges for a local attacker...

PT-2025-5583 · Acronis · Acronis Cyber Protect Cloud Agent

Name of the Vulnerable Software and Affected Versions: Acronis Cyber Protect Cloud Agent Windows versions before build 39378 Description: The issue is related to a local privilege escalation due to a DLL hijacking vulnerability. This allows an attacker to potentially gain elevated privileges on a...

PT-2024-25346 · Lenovo · Lenovo Leyun

Name of the Vulnerable Software and Affected Versions: Lenovo Leyun affected versions not specified Description: A DLL hijack vulnerability was reported in Lenovo Leyun that could allow a local attacker to execute code with elevated privileges. Recommendations: At the moment, there is no...

SUSE CVE-2018-1000201

ruby-ffi version 1.9.23 and earlier has a DLL loading issue which can be hijacked on Windows OS, when a Symbol is used as DLL name instead of a String This vulnerability appears to have been fixed in v1.9.24 and later...

CVE-2022-42945

DWG TrueViewTM 2023 version has a DLL Search Order Hijacking vulnerability. Successful exploitation by a malicious attacker could result in remote code execution on the target system...

NoMachine 安全漏洞

NoMachine is a remote desktop access tool from Luxembourg-based NoMachine. v7.9.2 of NoMachine is vulnerable to an authorization issue that originates from incorrect permissions in the C:ProgramDataNoMachinevaruninstall folder. An attacker could exploit this vulnerability to hijack the DLL and...

AUVESY Versiondog 代码问题漏洞

AUVESY Versiondog is an automated production data and change management software solution from the German company AUVESY. AUVESY Versiondog has a code issue vulnerability that could be exploited by an attacker to hijack a loaded DLL...