Lucene search
K

1004 matches found

BDU FSTEC
BDU FSTEC
added 2017/04/27 12:0 a.m.7 views

The vulnerabilities in programs for viewing and editing PDF files such as Adobe Reader, Adobe Acrobat, Adobe Acrobat Document Cloud, and Adobe Reader Document Cloud allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the DLL library of OCR plugins for programs that read and edit PDF files, such as Adobe Reader, Adobe Acrobat, Adobe Acrobat Document Cloud, and Adobe Reader Document Cloud, is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor...

9.3CVSS7.4AI score0.02819EPSS
Exploits0References3Affected Software2
CNVD
CNVD
added 2017/04/25 12:0 a.m.2 views

Sogou High Speed Browser suffers from dll hijacking vulnerability

Sogou High Speed Browser is a dual-core browser developed by Sogou. A dll hijacking vulnerability exists in Sogou High Speed Browser. The vulnerability is caused due to unsafe loading of library files by the SogouExplorer.exe component of Sogou High Speed Browser. By constructing a malicious...

7.1AI score
Exploits0
CNVD
CNVD
added 2017/04/13 12:0 a.m.2 views

ABBYY PDF Transformer+ dll Hijacking Vulnerability

ABBYY PDF Transformer+ is a pdf format converter from ABBYY. ABBYY PDF Transformer+'s Transformer.exe component has a dll hijacking vulnerability, due to insecure loading of library files, an attacker can construct a malicious application and place it in a specific path, which allows the...

7.1AI score
Exploits0
OSV
OSV
added 2017/04/12 2:59 p.m.2 views

CVE-2017-3012

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading DLL hijacking vulnerability in the OCR plugin...

7.8CVSS5.8AI score0.02819EPSS
Exploits0References3
OSV
OSV
added 2017/04/07 10:59 p.m.4 views

CVE-2017-6033

A DLL Hijacking issue was discovered in Schneider Electric Interactive Graphical SCADA System IGSS Software, Version 12 and previous versions. The software will execute a malicious file if it is named the same as a legitimate file and placed in a location that is earlier in the search path...

7.8CVSS5.8AI score0.0134EPSS
Exploits0References3
CNVD
CNVD
added 2017/04/05 12:0 a.m.5 views

SCADA engine BACnetOPCServer suffers from dll hijacking vulnerability

SCADA system is a data acquisition and monitoring control system. bacnetOPCServer is the server software for the SCADA engine. The BACnetOPCServer software's BACnSvrTest.exe component is vulnerable to DLL hijacking due to insecure loading of library files, which can be used to maliciously load a...

7.6AI score
Exploits0
OSV
OSV
added 2017/04/02 8:59 p.m.2 views

CVE-2016-8274

Huawei PC client software HiSuite 4.0.5.300OVE has a dynamic link library DLL hijack vulnerability; an attacker can make the system load malicious DLL files to execute arbitrary code...

7.8CVSS6AI score
Exploits0References1
FireEye
FireEye
added 2017/03/31 10:15 a.m.28 views

Introducing Monitor.app for macOS

As a malware analyst or systems programmer, having a suite of solid dynamic analysis tools is vital to being quick and effective. These tools enable us to understand malware capabilities and undocumented components of the operating system. One obvious tool that comes to mind is Procmon from the...

0.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2017/03/23 12:0 a.m.10 views

The vulnerability of the Shockwave Player software platform, which allows a hacker to elevate their privileges

The vulnerability of the Shockwave Player software’s DLL hijacking library is related to the unreliable nature of the process for locating critical resources. Exploiting this vulnerability allows a malicious actor to enhance their privileges remotely...

6.8CVSS7.2AI score0.03028EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2017/02/20 8:59 a.m.19 views

CVE-2016-7583

An issue was discovered in certain Apple products. iCloud before 6.0.1 is affected. The issue involves the setup subsystem in the "iCloud" component. It allows local users to gain privileges via a crafted dynamic library in an unspecified directory...

7.8CVSS6.7AI score0.0028EPSS
Exploits0References2
OSV
OSV
added 2017/02/20 8:59 a.m.6 views

CVE-2016-7583

An issue was discovered in certain Apple products. iCloud before 6.0.1 is affected. The issue involves the setup subsystem in the "iCloud" component. It allows local users to gain privileges via a crafted dynamic library in an unspecified directory...

7.8CVSS5.8AI score0.0028EPSS
Exploits0References2
Prion
Prion
added 2017/02/20 8:59 a.m.20 views

Directory traversal

An issue was discovered in certain Apple products. iCloud before 6.0.1 is affected. The issue involves the setup subsystem in the "iCloud" component. It allows local users to gain privileges via a crafted dynamic library in an unspecified directory...

4.6CVSS6.2AI score0.0028EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2017/02/20 8:59 a.m.4 views

CVE-2016-7583

An issue was discovered in certain Apple products. iCloud before 6.0.1 is affected. The issue involves the setup subsystem in the "iCloud" component. It allows local users to gain privileges via a crafted dynamic library in an unspecified directory...

7.8CVSS5.6AI score0.0028EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/02/20 8:35 a.m.27 views

CVE-2016-7583

An issue was discovered in certain Apple products. iCloud before 6.0.1 is affected. The issue involves the setup subsystem in the "iCloud" component. It allows local users to gain privileges via a crafted dynamic library in an unspecified directory...

6.9AI score0.0028EPSS
Exploits0References2
CNVD
CNVD
added 2017/02/08 12:0 a.m.6 views

Skype for Windows Untrustworthy Search Path Vulnerability

Microsoft Skype is a suite of instant messaging software from the American company Microsoft. An untrusted search path vulnerability exists in Microsoft Skype. A local attacker can exploit this vulnerability by executing arbitrary code with the help of the msi.dll, dpapi.dll, or cryptui.dll files...

7.8CVSS7AI score0.01875EPSS
Exploits0References1
Apple
Apple
added 2017/01/23 5:36 a.m.47 views

About the security content of iCloud for Windows 6.0.1 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

8.8CVSS0.6AI score0.01532EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2016/12/26 12:0 a.m.5 views

Nidesoft MP3 Converter DLL Hijacking Vulnerability

Nidesoft MP3 Converter is a professional tool for MP3 conversion, which can convert video files, MP3 music and many other audio formats. A DLL hijacking vulnerability exists in the quserex.dll file in Nidesoft MP3 Converter version 2.6.18, which can be exploited by local attackers to inject code ...

7AI score
Exploits0References1
CNVD
CNVD
added 2016/12/21 12:0 a.m.3 views

CodeBlocks DLL Hijacking Vulnerability

CodeBlocks is an open source full-featured cross-platform C/C++ IDE. A DLL hijacking vulnerability exists in CodeBlocks version 12.11, which can be exploited by a local attacker to inject code or gain advanced access...

7AI score
Exploits0References1
OSV
OSV
added 2016/12/20 6:59 a.m.3 views

CVE-2016-7275

Microsoft Office 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability."...

7.8CVSS5.8AI score0.01417EPSS
Exploits0References3
myhack58
myhack58
added 2016/12/20 12:0 a.m.38 views

Once due to bug fixes to trigger the vulnerability—CVE-2016-6309 vulnerability detailed analysis-vulnerability warning-the black bar safety net

openssl released a security level for”serious”UAF vulnerability, the exploit is simple, only need to send a tcp packet will trigger the vulnerability, but the consequences are serious, may result in TLS-related applications denial of service or even arbitrary code execution and other consequences...

0.2AI score0.70223EPSS
Exploits0
Rows per page
Query Builder