CVE-2023-53937 Hubstaff 1.6.14 DLL Search Order Hijacking via wow64log Library

Hubstaff 1.6.14 contains a DLL search order hijacking vulnerability that allows attackers to replace a missing system32 wow64log.dll with a malicious library. Attackers can generate a custom DLL using Metasploit and place it in the system32 directory to obtain a reverse shell during application...

CVE-2025-12046

A DLL hijacking vulnerability was reported in the Lenovo App Store and Lenovo Browser applications that could allow a local authenticated user to execute code with elevated privileges under certain conditions...

CVE-2025-34417 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAISO.DLL

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAISO.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

CVE-2025-34417 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAISO.DLL

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAISO.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

CVE-2025-34416 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAIPO.DLL

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIPO.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

CVE-2025-34416 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAIPO.DLL

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIPO.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

CVE-2025-34424

MailEnable (Windows) versions prior to 10.54 are affected by an unsafe DLL loading issue where the administrative executable loads MEAIDP.DLL from the installation directory without proper integrity checks or a secure search order. This allows a local attacker with write access to that directory ...

CVE-2025-34423 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAIAU.DLL

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIAU.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

EUVD-2025-202423

A DLL hijacking vulnerability was reported in the Lenovo App Store and Lenovo Browser applications that could allow a local authenticated user to execute code with elevated privileges under certain conditions...

CVE-2025-34396 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAINFY.DLL

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAINFY.DLL from its application directo without sufficient integrity validation or secure search order. If the...

CVE-2025-34396 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAINFY.DLL

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAINFY.DLL from its application directo without sufficient integrity validation or secure search order. If the...

CVE-2025-5470 Dylib Hijacking in Yandex Disk

Uncontrolled Search Path Element vulnerability in Yandex Disk on MacOS allows Search Order Hijacking.This issue affects Disk: before 3.2.45.3275...

CVE-2025-49642 Agent builds for AIX vulnerable to library loading hijacking

Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to the /home/cecuser directory...

CVE-2025-49642

CVE-2025-49642 affects the Zabbix Agent for AIX. The issue is an insecure library search path that could allow a local attacker with write access to /home/cecuser to hijack library loading, enabling partial impact on confidentiality/integrity/availability as described in the sources. No patch/ver...

CVE-2025-66265 Insecure permissions in configuration directory (C:\\usr)

CMService.exe creates the C:\usr directory and subdirectories with insecure permissions, granting write access to all authenticated users. This allows attackers to replace configuration files such as snmp.conf or hijack DLLs to escalate privileges...

MegaTec ClientMate 安全漏洞

MegaTec ClientMate is a power management software from Taiwan, China-based MegaTec. A security vulnerability exists in MegaTec ClientMate that stems from insecure permissions in the C:\usr directory, which could lead to configuration file replacement or DLL hijacking...

EUVD-2024-19528

A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

CVE-2024-21922

CVE-2024-21922 describes a DLL hijacking vulnerability in AMD StoreMI that could lead to privilege escalation and arbitrary code execution. Affected product: AMD StoreMI; vulnerability class: DLL hijacking. CVSSv3.1 metrics indicate Local attack vector, Low access/privilege requirements, User int...

PT-2025-47849

Name of the Vulnerable Software and Affected Versions AMD StoreMI™ affected versions not specified Description A DLL hijacking issue exists in AMD StoreMI™. Successful exploitation could allow an attacker to gain higher privileges, potentially leading to arbitrary code execution. Recommendations ...

AMD StoreMI 安全漏洞

AMD StoreMI is an intelligent storage management technology developed by AMD that automatically optimizes data storage locations to improve system performance by combining the benefits of solid state drives SSDs and mechanical hard drives HDDs. AMD StoreMI suffers from a DLL hijacking vulnerabili...