CVE-2018-15974

Adobe Framemaker versions 1.0.5.1 and below have an insecure library loading dll hijacking vulnerability. Successful exploitation could lead to privilege escalation...

CVE-2018-12449

The Whale browser installer 0.4.3.0 and earlier versions allows DLL hijacking...

CVE-2018-8090

Quick Heal Total Security 64 bit 17.00 QHTS64.exe, QHTSFT64.exe - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 QHTS32.exe, QHTSFT32.exe - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 QHIS64.exe, QHISFT64.exe - Version 10.0.0.37; Quick Heal Internet Security 32 bit 17....

ruby-ffi DLL Hijacking Vulnerability

ruby-ffi is a Ruby extension that programmatically loads dynamic libraries, binds functions, and calls them from Ruby code. A security vulnerability exists in ruby-ffi. An attacker can exploit this vulnerability to hijack a DLL...

CVE-2018-7884

An issue was discovered in DisplayLink Core Software Cleaner Application 8.2.1956. When the drivers are updated to a newer version, the product launches a process as SYSTEM to uninstall the old version: cl1956.exe is run as SYSTEM on the %systemroot%\Temp folder, where any user can write a DLL...

CVE-2018-11551

AXON PBX 2.02 contains a DLL hijacking vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability exists because a DLL file is loaded by 'pbxsetup.exe' improperly...

Format Factory DLL Hijacking Vulnerability

Format Factory is a format conversion tool from the Chinese company Format Factory Network Format Factory Network. The program supports converting various types of audio, video and image files to the target format files. Format Factory version 4.1.0 has a DLL hijacking vulnerability in the...

CVE-2018-6306

Unauthorized code execution from specific DLL and is known as DLL Hijacking attack in Kaspersky Password Manager versions before 8.0.6.538...

CVE-2018-1435

IBM Notes 8.5 and 9.0 is vulnerable to a DLL hijacking attack. A remote attacker could trick a user to double click a malicious executable in an attacker-controlled directory, which could result in code execution. IBM X-Force ID: 139563...

CVE-2018-1437

IBM Notes 8.5 and 9.0 could allow an attacker to execute arbitrary code on the system, caused by an error related to multiple untrusted search path. A local attacker could exploit this vulnerability to DLL hijacking to execute arbitrary code on the system or cause the application to crash. IBM...

CVE-2018-6218

A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module UMH could allow an attacker to run arbitrary code on a vulnerable system...

CVE-2018-6318

In Sophos Tester Tool 3.2.0.7 Beta, the driver loads in the context of the application used to test an exploit or ransomware the DLL using a payload that runs from NTDLL.DLL so, it's run in userland, but the driver doesn't perform any validation of this DLL not its signature, not its hash, etc.. ...

CVE-2017-7327

Yandex Browser installer for Desktop before 17.4.1 has a DLL Hijacking Vulnerability because an untrusted search path is used for dnsapi.dll, winmm.dll, ntmarta.dll, cryptbase.dll or profapi.dll...

DLL Hijacking Vulnerability in FOFA Client

FOFA is a cyberspace asset search engine launched by WhiteHatHub. It can help users quickly match cyber assets and speed up the follow-up process, such as vulnerability impact range analysis, application distribution statistics, application popularity ranking statistics. A DLL hijacking...

QNAP Qsync for Windows DLL Hijacking Vulnerability

QNAP Qsync for Windows exe is a Windows-based application from QNAP Systems for synchronizing files in a QNAP NAS storage device. A DLL hijacking vulnerability exists in QNAP Qsync for Windows exe versions 4.2.2.0724 and earlier. A remote attacker can exploit this vulnerability to execute arbitra...

CVE-2017-8137

HedEx Earlier than V200R006C00 versions has a dynamic link library DLL hijacking vulnerability due to calling the DDL file by accessing a relative path. An attacker could exploit this vulnerability to tamper with the DLL file, leading to DLL hijacking...

dll hijacking vulnerability in Yisetron Data Security Guard

Yisetong Data Security Guard is a security product that specializes in preventing your private data assets from being illegally stolen or used by others in the process of sharing and storing. A dll hijacking vulnerability exists in Yisetone Data Safeguard. The vulnerability is due to an unsafe...

CVE-2017-5996

The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions...

CVE-2017-11158

Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse 1 shfolder.dll, 2 ntmarta.dll, 3 secur32.dll or 4 dwmapi.dll file in th...

CVE-2017-12480

Sandboxie installer 5071703 has a DLL Hijacking or Unsafe DLL Loading Vulnerability via a Trojan horse dwmapi.dll or profapi.dll file in an AppData\Local\Temp directory...