799 matches found
CVE-2020-12050
SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4, has a race condition leading to root privilege escalation because any user can replace a /tmp/sqliteodbc$$ file with new contents that cause loading of an arbitrary library...
UBUNTU-CVE-2020-12050
SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4, has a race condition leading to root privilege escalation because any user can replace a /tmp/sqliteodbc$$ file with new contents that cause loading of an arbitrary library...
Schneider Electric Limited CET850 suffers from a dll hijacking vulnerability
Schneider Electric SA is a global electrical company headquartered in France. A dll hijacking vulnerability exists in Schneider Electric SA CET850, which can be exploited by an attacker to load a malicious dll and execute malicious code...
CVE-2020-3803
Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an insecure library loading dll hijacking vulnerability. Successful exploitation could lead to privilege escalation...
CVE-2020-3803
Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an insecure library loading dll hijacking vulnerability. Successful exploitation could lead to privilege escalation...
Privilege escalation
Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an insecure library loading dll hijacking vulnerability. Successful exploitation could lead to privilege escalation...
CVE-2020-3803
Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an insecure library loading dll hijacking vulnerability. Successful exploitation could lead to privilege escalation...
Adobe Reader < 2015.006.30518 / 2017.011.30166 / 2020.006.20042 Multiple Vulnerabilities (APSB20-13) (macOS)
The version of Adobe Reader installed on the remote macOS host is a version prior to 2015.006.30518, 2017.011.30166, or 2020.006.20042. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.3015...
CVE-2020-0798
An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Installer...
Privilege escalation
An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Installer...
Tencent Document Dll Hijacking Vulnerability
Tencent Document is an online document that allows for multi-person collaboration. Tencent Document has a Dll hijacking vulnerability that can be exploited by attackers to load a malicious dll and execute arbitrary code...
CVE-2016-6592
A vulnerability was found in Symantec Norton Download Manager versions prior to 5.6. A remote user can create a specially crafted DLL file that, when placed on the target user's system, will cause the Norton Download Manager component to load the remote user's DLL instead of the intended DLL and...
Microsoft Security Advisory: Insecure library loading could allow remote code execution
Microsoft Security Advisory: Insecure library loading could allow remote code execution INTRODUCTION Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To view the security advisory,...
DLL Hijacking Vulnerability in 2345 Ace Input Method
2345 Ace Input Method is a Chinese input software for PC launched by Shanghai 2-3-4-5 Mobile Technology Co. 2345 Ace Input Method has a DLL hijacking vulnerability, which can be exploited by attackers to load a malicious dll and execute malicious code...
Code injection
A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching. This issue is fixed in macOS Catalina 10.15.1, iTunes for Windows 12.10.2. Running the iTunes installer in an untrusted directory may result in arbitrary code execution...
CVE-2019-8801
A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching. This issue is fixed in macOS Catalina 10.15.1, iTunes for Windows 12.10.2. Running the iTunes installer in an untrusted directory may result in arbitrary code execution...
STAMP Workbench Installer Code Issue Vulnerability
STAMP Workbench is a modeling tool that supports support for STAMP Systems Theory Accident Models and Processes/STPA Systems Theory Process Analysis. A code issue vulnerability exists in the STAMP Workbench installer that can be exploited by an attacker to cause unsafe loading of dynamic link...
Privilege escalation
Adobe Illustrator CC versions 23.1 and earlier have an insecure library loading dll hijacking vulnerability. Successful exploitation could lead to privilege escalation...
Privilege escalation
Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading dll hijacking vulnerability. Successful exploitation could lead to privilege escalation...
CVE-2019-7962
Adobe Illustrator CC versions 23.1 and earlier are affected by CVE-2019-7962 due to an insecure library loading (DLL hijacking) vulnerability. The underlying issue is loading of malicious libraries from user-writable paths, enabling privilege escalation on a local system. Affected products includ...