CVE-2020-5145

SonicWall Global VPN client version 4.10.4.0314 and earlier have an insecure library loading DLL hijacking vulnerability. Successful exploitation could lead to remote code execution in the target system...

Adobe Acrobat/Reader Insecure Library Loading (DLL Hijacking) Vulnerability

Adobe Acrobat is a PDF editing software developed by Adobe.Adobe Reader also known as Acrobat Reader is a PDF file reader developed by Adobe. Adobe Acrobat/Reader has an insecure library loading DLL hijacking vulnerability. An attacker can exploit this vulnerability to achieve elevation of...

CVE-2019-5539

VMware Workstation 15.x prior to 15.5.1 and Horizon View Agent 7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4 contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. Successful exploitation of this issue may allow attackers with normal user privileges to...

Debian DSA-4521-1 : docker.io - security update

Three security vulnerabilities have been discovered in the Docker container runtime: Insecure loading of NSS libraries in 'docker cp'could result in execution of code with root privileges, sensitive data could be logged in debug mode and there was a command injection vulnerability in the 'docker...

Adobe Character Animator CC 2019 Insecure Library Loading (DLL Hijacking) Vulnerability

Adobe Character Animator CC 2019 is a desktop application software product that combines real-time motion capture with a multi-track recording system to control layered 2D puppets drawn in Photoshop or Illustrator. An insecure library loading DLL hijacking vulnerability exists in Adobe Character...

Electronic reception and examination of application for radio licenses Offline may insecurely load Dynamic Link Libraries

Overview Electronic reception and examination of application for radio licenses Offline contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privileges of the running software. Solution Upda...

Microsoft Windows 7 Dynamic Link Library Unsafe Loading Vulnerability

Windows 7 is an operating system developed by Microsoft with the kernel version number Windows NT 6.1. Microsoft Windows 7 suffers from an insecure loading of dynamic link libraries vulnerability. An attacker can exploit this vulnerability to execute arbitrary code via specially crafted DLL files...

JVN#83826673: The installers of UNLHA32.DLL, UNARJ32.DLL and LHMelting may insecurely load Dynamic Link Libraries

The installers of UNLHA32.DLL, UNARJ32.DLL and LHMelting provided by Micco use the old version of Self-Extracting Archives created by UNLHA32.DLL. They contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427, CVE-2018-16189. Impact Arbitrary...

CVE-2018-15983

Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have an insecure library loading dll hijacking vulnerability. Successful exploitation could lead to privilege escalation...

Installer of Mapping Tool may insecurely load Dynamic Link Libraries

Overview Installer of Mapping Tool provided by Japan Atomic Energy Agency contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Takashi Sugawara reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informatio...

Apache Superset Command Execution Vulnerability

Apache Superset is an enterprise-class business intelligence Web application from the Apache Apache Software Foundation in the United States. The program includes features such as mutual data visualization and enterprise-level authentication. A security vulnerability exists in Apache Superset...

The installer of Baidu Browser may insecurely load Dynamic Link Libraries

Overview Baidu Browser provided by Baidu, Inc. is a Web browser. The installer of Baidu Browser contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Asuka Nakajima of NTT Secure Platform Laboratories reported this vulnerability to IPA...

The installer of Digital Paper App may insecurely load Dynamic Link Libraries

Overview Digital Paper App provided by Sony Corporation is document management software exclusively for Sony Digital Paper. The installer of Digital Paper App contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Yuji Tounai of NTT...

CVE-2018-8090

Quick Heal Total Security 64 bit 17.00 QHTS64.exe, QHTSFT64.exe - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 QHTS32.exe, QHTSFT32.exe - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 QHIS64.exe, QHISFT64.exe - Version 10.0.0.37; Quick Heal Internet Security 32 bit 17....

JVN#13940333: The installer of PlayMemories Home for Windows may insecurely load Dynamic Link Libraries

PlayMemories Home for Windows provided by Sony Corporation is Image Management Software. The installer of PlayMemories Home for Windows contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the...

JVN#79301396: Susie plug-in "axpdfium" may insecurely load Dynamic Link Libraries

Susie plug-in "axpdfium" contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user running the program where "axpdfium" is used. Solution Update the plug-in Update the plug-...

Kaspersky Password Manager Unauthorized Vulnerability

Kaspersky Password Manager is a suite of password management software from Russia's Kaspersky Lab. The program is capable of protecting personal passwords, bank card information, private documents and more. A security vulnerability exists in versions of Kaspersky Password Manager prior to...

Installer of SoundEngine Free may insecurely load Dynamic Link Libraries

Overview Installer of SoundEngine Free contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warni...

The installer of PhishWall Client Internet Explorer edition may insecurely load Dynamic Link Libraries

Overview PhishWall Client Internet Explorer edition provided by SecureBrain Corporation is anti-phishing and anti-MITB software. The installer of PhishWall Client Internet Explorer edition contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries...

JVN#39896275: The installer of PhishWall Client Firefox and Chrome edition for Windows may insecurely load Dynamic Link Libraries

PhishWall Client Firefox and Chrome edition for Windows provided by SecureBrain Corporation is an anti-phishing and anti-MITB software. The installer of PhishWall Client Firefox and Chrome edition for Windows contains an issue with the DLL search path, which may lead to insecurely loading Dynamic...