272 matches found
EUVD-2020-25792
Malware in sbrugna...
CVE-2025-57781
The installers of DENSO TEN drive recorder viewer contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer...
CVE-2025-57781
The CVE-2025-57781 entry concerns the DENSO TEN drive recorder viewer installers. A DLL search path flaw (Uncontrolled search path element, CWE-427) may cause insecure DLL loading, enabling arbitrary code execution with the user’s privileges if the installer is run. Affected software is described...
EUVD-2025-4821
Malicious code in bioql PyPI...
EUVD-2025-28674
Malicious code in bioql PyPI...
EUVD-2024-17345
Malicious code in bioql PyPI...
CVE-2025-9267
In Seagate Toolkit on Windows a vulnerability exists in the Toolkit Installer prior to versions 2.35.0.6 where it attempts to load DLLs from the current working directory without validating their origin or integrity. This behavior can be exploited by placing a malicious DLL in the same directory ...
CVE-2025-58322
NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by invoking arbitrary DLLs due to improper privilege checks...
[SECURITY] Fedora 42 Update: mingw-binutils-2.43.1-4.fc42
Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...
CVE-2024-1605
BMC Control-M branches 9.0.20 and 9.0.21 upon user login load all Dynamic Link Libraries DLL from a directory that grants Write and Read permissions to all users. Leveraging it leads to loading of a potentially malicious libraries, which will execute with the application's privileges. Fix for...
CVE-2024-29734
Uncontrolled search path element issue exists in SonicDICOM Media Viewer 2.3.2 and earlier, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application...
CVE-2024-57964
Insecure Loading of Dynamic Link Libraries have been discovered in HVAC Energy Saving Program, which could allow local attackers to potentially disclose information or execute arbitray code on affected systems. This issue affects HVAC Energy Saving Program:...
CVE-2024-57964
Insecure Loading of Dynamic Link Libraries have been discovered in HVAC Energy Saving Program, which could allow local attackers to potentially disclose information or execute arbitray code on affected systems. This issue affects HVAC Energy Saving Program:...
CVE-2024-57964 Insecure Loading of Dynamic Link Libraries in HVAC Energy Saving Program
Insecure Loading of Dynamic Link Libraries have been discovered in HVAC Energy Saving Program, which could allow local attackers to potentially disclose information or execute arbitray code on affected systems. This issue affects HVAC Energy Saving Program:...
CVE-2024-57964 Insecure Loading of Dynamic Link Libraries in HVAC Energy Saving Program
Insecure Loading of Dynamic Link Libraries have been discovered in HVAC Energy Saving Program, which could allow local attackers to potentially disclose information or execute arbitray code on affected systems. This issue affects HVAC Energy Saving Program:...
CVE-2024-57963 Insecure Loading of Dynamic Link Libraries in USB-CONVERTERCABLE DRIVER
Insecure Loading of Dynamic Link Libraries have been discovered in USB-CONVERTERCABLE DRIVER, which could allow local attackers to potentially disclose information or execute arbitray code on affected systems. This issue affects USB-CONVERTERCABLE DRIVER:...
CVE-2024-57963
CVE-2024-57963 concerns the Hitachi USB-CONVERTERCABLE DRIVER, where an unsafe loading of dynamic link libraries could allow a local attacker to disclose information or execute arbitrary code on affected systems. The vulnerability affects the USB-CONVERTERCABLE DRIVER and is classified with local...
PT-2025-5371 · Rockwell Automation · Factorytalk® View Site Edition
Name of the Vulnerable Software and Affected Versions: Product and version affected versions not specified Description: A Local Code Injection issue exists due to incorrect default permissions, allowing for the execution of DLLs with higher-level permissions. Recommendations: At the moment, there...
The vulnerability of the Veeam Agent for Microsoft Windows data backup tool lies in the use of an unreliable search path, allowing a perpetrator to execute arbitrary code.
The vulnerability of the Veeam Agent for Microsoft Windows data backup tool is related to the use of an unreliable search path. Exploiting this vulnerability allows attackers to execute arbitrary code by introducing malicious DLL libraries...
The vulnerability of the Rockwell Automation Emulate3D software for virtual modeling of equipment and manufacturing processes lies in improper external control of file names or file paths, allowing a hacker to execute arbitrary code.
The vulnerability of the Rockwell Automation Emulate3D software for virtual modeling of equipment and manufacturing processes is related to improper external manipulation of file names or DLL files during library loading. Exploiting this vulnerability allows an attacker to execute arbitrary code...