CVE-2021-29949

When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious...

ISaGRAF 代码问题漏洞

Rockwell Automation ISaGRAF is an automation software technology for creating integrated automation solutions from Rockwell Automation. It is designed to be scalable and portable and is suitable for the development of small controllers and large distributed automation systems. ISaGRAF suffers fro...

Adobe Genuine Service Code Issue Vulnerability

Adobe Genuine Service is a licensed software service from Adobe. A security vulnerability exists in Adobe Genuine Service 6.6 and earlier versions based on Window and macOS platforms, which stems from the program not loading libraries correctly. An attacker could exploit the vulnerability to...

Code injection

A vulnerability has been identified in LOGO! Soft Comfort All versions V8.4. The software insecurely loads libraries which makes it vulnerable to DLL hijacking. Successful exploitation by a local attacker could lead to a takeover of the system where the software is installed...

Samsung SMR 安全漏洞

Samsung SMR is a system firmware from Samsung South Korea. It provides storage for system applications. A security vulnerability exists in SMR Mar-2021 Release 1 that allows an attacker to load arbitrary ELF libraries in the DSP. No details of the vulnerability are provided at this time...

Luxion KeyShot 安全漏洞

Luxion KeyShot is a software for designing photos of 3D scenes from Luxion USA. The software enables a real-time 3D rendering workflow that displays results immediately and reduces the time required to create photorealistic product photos. A security vulnerability exists in the Luxion KeyShot...

The installer of SKYSEA Client View may insecurely load Dynamic Link Libraries

Overview SKYSEA Client View provided by Sky Co., LTD. is an Enterprise IT Asset Management Tool. The installer of SKYSEA Client View contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. shogo kumamaru of LAC Co.,Ltd reported this...

Epson Setupmanager Code Issue Vulnerability

Epson Setupmanager is a printer driver software from Epson Japan for Windows operating systems. A code issue vulnerability exists in the self-extracting file in version 2.2.1 of Epson Setupmanager, which could lead to unsafe loading of dynamic link libraries...

Windows Migration Assistant < 2.2.0.0 Arbitrary Code Execution (HT211186)

According to its self-reported version number, the version of Windows Migration Assistant installed on the remote host is prior to 2.2.0.0. It is, therefore, affected by an arbitrary code execution vulnerability due to a dynamic library loading issue. An unauthenticated, local attacker can exploi...

CVE-2020-16902

An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then...

Privilege escalation

An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then...

PT-2020-4267 · Microsoft · Windows Installer +1

Name of the Vulnerable Software and Affected Versions: Windows Installer affected versions not specified Description: The issue exists due to insufficient input validation in the Windows Installer, leading to insecure library loading behavior. A locally authenticated attacker could exploit this t...

UBUNTU-CVE-2020-24972

The Kleopatra component before 3.1.12 and before 20.07.80 for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to load an arbitrary DLL...

CVE-2020-9724

Adobe Lightroom versions 9.2.0.10 and earlier have an insecure library loading vulnerability. Successful exploitation could lead to privilege escalation...

CVE-2020-9724

Adobe Lightroom versions 9.2.0.10 and earlier have an insecure library loading vulnerability. Successful exploitation could lead to privilege escalation...

Privilege escalation

Adobe Lightroom versions 9.2.0.10 and earlier have an insecure library loading vulnerability. Successful exploitation could lead to privilege escalation...

CVE-2020-9724

Adobe Lightroom versions 9.2.0.10 and earlier have an insecure library loading vulnerability. Successful exploitation could lead to privilege escalation...

Adobe Lightroom Classic Insecure Library Loading Vulnerability

Adobe Lightroom is an image organization and image processing software. An insecure library loading vulnerability exists in Adobe Lightroom Classic 9.2.0.10 and earlier versions, which can be exploited by attackers to achieve elevation of privilege...

Mozilla Firefox Code Problem Vulnerability (CNVD-2020-46337)

Mozilla Firefox and others are products of the Mozilla Foundation in the U.S.A. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser.Mozilla Thunderbird is a suite of e-mail client software separate from the Mozilla Application...

CVE-2020-1418

An elevation of privilege vulnerability exists when the Windows Diagnostics Execution Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1393...