Lucene search
K

1406 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/05/13 6:41 a.m.18 views

Bytello Share (Windows Edition) installer executable insecurely loads Dynamic Link Libraries

Overview GUARDIANWALL MailSuite provided by Canon Marketing Japan Inc. contains the following vulnerability. Stack-based buffer overflow in pop3wallpasswd command CWE-121 - CVE-2026-32661 The developer states that attacks exploiting the vulnerability has been observed in GUARDIANWALL MailSuite...

9.8CVSS7.5AI score0.00472EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/13 5:44 a.m.44 views

CVE-2026-44612

Bytello Share Windows Edition installer executable provided by Bytello insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer...

8.4CVSS0.00123EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/29 8:48 p.m.6 views

CVE-2025-10549

EfficientLab Controlio before v1.3.95 contains a DLL hijacking vulnerability caused by weak folder permissions in the installation directory. A local attacker can place a specially crafted DLL in this directory and achieve arbitrary code execution with highest privileges, because the affected...

5.1CVSS6.2AI score0.00163EPSS
Exploits1References1
CVE
CVE
added 2026/04/29 1:42 p.m.10 views

CVE-2026-25852

Local privilege escalation via DLL hijacking in Acronis DeviceLock DLP (Windows) prior to build 9.0.93212. Root cause: DLL hijacking. Impact: local elevation of privileges. Remediation: upgrade to build 9.0.93212 or newer. Exploitation details not provided in the supplied documents.

6.7CVSS6.4AI score0.0009EPSS
Exploits0References1
NVD
NVD
added 2026/04/28 10:16 a.m.9 views

CVE-2026-7279

AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads the DLL...

8.5CVSS0.00114EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/28 9:39 a.m.6 views

EUVD-2026-26028

AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads the DLL...

8.5CVSS6.2AI score0.00114EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/28 9:39 a.m.8 views

CVE-2026-7279

AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads the DLL...

8.5CVSS6.2AI score0.00114EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.11 views

PT-2026-35706

AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads the DLL...

8.5CVSS6.2AI score0.00114EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.8 views

eMPIA AVACAST 代码问题漏洞

eMPIA AVACAST is a USB video capture and encoding device developed by eMPIA in Taiwan, China. eMPIA AVACAST has a code vulnerability that stems from DLL hijacking. This vulnerability allows authenticated local attackers to place malicious DLLs in specific directories. When the system loads these...

8.5CVSS6AI score0.00114EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/23 9:32 a.m.5 views

EUVD-2026-25194

IP Setting Software contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges...

7.3CVSS7.3AI score0.00144EPSS
Exploits0References3
NVD
NVD
added 2026/04/23 12:16 a.m.3 views

CVE-2026-32679

The installers of LiveOn Meet Client for Windows Downloader5Installer.exe and Downloader5InstallerForAdmin.exe and the installers of Canon Network Camera Plugin CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe insecurely load Dynamic Link Libraries DLLs. If a malicious DLL is placed at the...

8.4CVSS0.0016EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/23 12:2 a.m.36 views

CVE-2026-32679

The installers of LiveOn Meet Client for Windows Downloader5Installer.exe and Downloader5InstallerForAdmin.exe and the installers of Canon Network Camera Plugin CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe insecurely load Dynamic Link Libraries DLLs. If a malicious DLL is placed at the...

8.4CVSS0.0016EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/23 12:2 a.m.11 views

CVE-2026-32679

The installers of LiveOn Meet Client for Windows Downloader5Installer.exe and Downloader5InstallerForAdmin.exe and the installers of Canon Network Camera Plugin CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe insecurely load Dynamic Link Libraries DLLs. If a malicious DLL is placed at the...

8.4CVSS5.9AI score0.0016EPSS
Exploits0References3Affected Software4
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.8 views

i-PRO IP Setting Software 代码问题漏洞

i-PRO IP Setting Software is a management tool developed by the Japanese company i-PRO, designed for discovering devices and configuring network parameters in bulk. The i-PRO IP Setting Software has a code vulnerability related to the DLL search path. This vulnerability may lead to the insecure...

7.3CVSS7.3AI score0.00144EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.7 views

PT-2026-34644

EfficientLab Controlio before v1.3.95 contains a DLL hijacking vulnerability caused by weak folder permissions in the installation directory. A local attacker can place a specially crafted DLL in this directory and achieve arbitrary code execution with highest privileges, because the affected...

6.4AI score0.00163EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.7 views

Japan Media Systems LiveOn Meet Client和Canon Network Camera Plugin 代码问题漏洞

Japan Media Systems LiveOn Meet Client and Canon Network Camera Plugin are both products of Japan Media Systems, a company based in Japan. Japan Media Systems LiveOn Meet Client is a client application that supports online meetings, real-time audio and video communication, and collaboration. The...

8.4CVSS7.3AI score0.0016EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.6 views

PT-2026-34642

IP Setting Software contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges...

7.3CVSS7.3AI score0.00144EPSS
Exploits0References2
HackRead
HackRead
added 2026/04/22 1:57 p.m.9 views

Mustang Panda Hits India and S. Korea with Updated LOTUSLITE Backdoor

Acronis reveals Mustang Panda is using an updated version of LOTUSLITE backdoor to target Indian banks and Korean diplomats. Learn how this DLL sideloading attack works...

5.7AI score
Exploits0
Patchstack
Patchstack
added 2026/04/22 10:40 a.m.6 views

WordPress Link Library plugin <= 7.8.8 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Link Library versions = 7.8.8...

5.2AI score0.00327EPSS
Exploits0Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/04/22 6:45 a.m.9 views

Installers of LiveOn Meet Client for Windows and its plugin may insecurely load Dynamic Link Libraries

Overview LiveOn Meet provided by Japan Media Systems Corporation is a web conferencing system. The installer of LiveOn Meet Client for Windows and the installer of Canon Network Camera Plugin insecurely load Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2026-32679 This...

8.4CVSS7.5AI score0.0016EPSS
Exploits0References5
Rows per page
Query Builder