1004 matches found
The vulnerabilities in programs for viewing and editing PDF files such as Adobe Reader, Adobe Acrobat, Adobe Acrobat Document Cloud, and Adobe Reader Document Cloud allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the DLL library of OCR plugins for programs that read and edit PDF files, such as Adobe Reader, Adobe Acrobat, Adobe Acrobat Document Cloud, and Adobe Reader Document Cloud, is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor...
Sogou High Speed Browser suffers from dll hijacking vulnerability
Sogou High Speed Browser is a dual-core browser developed by Sogou. A dll hijacking vulnerability exists in Sogou High Speed Browser. The vulnerability is caused due to unsafe loading of library files by the SogouExplorer.exe component of Sogou High Speed Browser. By constructing a malicious...
ABBYY PDF Transformer+ dll Hijacking Vulnerability
ABBYY PDF Transformer+ is a pdf format converter from ABBYY. ABBYY PDF Transformer+'s Transformer.exe component has a dll hijacking vulnerability, due to insecure loading of library files, an attacker can construct a malicious application and place it in a specific path, which allows the...
CVE-2017-3012
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading DLL hijacking vulnerability in the OCR plugin...
CVE-2017-6033
A DLL Hijacking issue was discovered in Schneider Electric Interactive Graphical SCADA System IGSS Software, Version 12 and previous versions. The software will execute a malicious file if it is named the same as a legitimate file and placed in a location that is earlier in the search path...
SCADA engine BACnetOPCServer suffers from dll hijacking vulnerability
SCADA system is a data acquisition and monitoring control system. bacnetOPCServer is the server software for the SCADA engine. The BACnetOPCServer software's BACnSvrTest.exe component is vulnerable to DLL hijacking due to insecure loading of library files, which can be used to maliciously load a...
CVE-2016-8274
Huawei PC client software HiSuite 4.0.5.300OVE has a dynamic link library DLL hijack vulnerability; an attacker can make the system load malicious DLL files to execute arbitrary code...
Introducing Monitor.app for macOS
As a malware analyst or systems programmer, having a suite of solid dynamic analysis tools is vital to being quick and effective. These tools enable us to understand malware capabilities and undocumented components of the operating system. One obvious tool that comes to mind is Procmon from the...
The vulnerability of the Shockwave Player software platform, which allows a hacker to elevate their privileges
The vulnerability of the Shockwave Player software’s DLL hijacking library is related to the unreliable nature of the process for locating critical resources. Exploiting this vulnerability allows a malicious actor to enhance their privileges remotely...
CVE-2016-7583
An issue was discovered in certain Apple products. iCloud before 6.0.1 is affected. The issue involves the setup subsystem in the "iCloud" component. It allows local users to gain privileges via a crafted dynamic library in an unspecified directory...
CVE-2016-7583
An issue was discovered in certain Apple products. iCloud before 6.0.1 is affected. The issue involves the setup subsystem in the "iCloud" component. It allows local users to gain privileges via a crafted dynamic library in an unspecified directory...
Directory traversal
An issue was discovered in certain Apple products. iCloud before 6.0.1 is affected. The issue involves the setup subsystem in the "iCloud" component. It allows local users to gain privileges via a crafted dynamic library in an unspecified directory...
CVE-2016-7583
An issue was discovered in certain Apple products. iCloud before 6.0.1 is affected. The issue involves the setup subsystem in the "iCloud" component. It allows local users to gain privileges via a crafted dynamic library in an unspecified directory...
CVE-2016-7583
An issue was discovered in certain Apple products. iCloud before 6.0.1 is affected. The issue involves the setup subsystem in the "iCloud" component. It allows local users to gain privileges via a crafted dynamic library in an unspecified directory...
Skype for Windows Untrustworthy Search Path Vulnerability
Microsoft Skype is a suite of instant messaging software from the American company Microsoft. An untrusted search path vulnerability exists in Microsoft Skype. A local attacker can exploit this vulnerability by executing arbitrary code with the help of the msi.dll, dpapi.dll, or cryptui.dll files...
About the security content of iCloud for Windows 6.0.1 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
Nidesoft MP3 Converter DLL Hijacking Vulnerability
Nidesoft MP3 Converter is a professional tool for MP3 conversion, which can convert video files, MP3 music and many other audio formats. A DLL hijacking vulnerability exists in the quserex.dll file in Nidesoft MP3 Converter version 2.6.18, which can be exploited by local attackers to inject code ...
CodeBlocks DLL Hijacking Vulnerability
CodeBlocks is an open source full-featured cross-platform C/C++ IDE. A DLL hijacking vulnerability exists in CodeBlocks version 12.11, which can be exploited by a local attacker to inject code or gain advanced access...
CVE-2016-7275
Microsoft Office 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability."...
Once due to bug fixes to trigger the vulnerability—CVE-2016-6309 vulnerability detailed analysis-vulnerability warning-the black bar safety net
openssl released a security level for”serious”UAF vulnerability, the exploit is simple, only need to send a tcp packet will trigger the vulnerability, but the consequences are serious, may result in TLS-related applications denial of service or even arbitrary code execution and other consequences...