CVE-2019-25268

NREL BEopt 2.8.0.0 contains a DLL hijacking vulnerability that allows attackers to load arbitrary libraries by tricking users into opening application files from remote shares. Attackers can exploit insecure library loading of sdl2.dll and libegl.dll by placing malicious libraries on WebDAV or SM...

CVE-2019-25268

This CVE affects NREL BEopt 2.8.0.0 . The vulnerability is a DLL hijacking issue caused by insecure loading of libraries, allowing an attacker to place malicious libraries on WebDAV or SMB shares (e.g., sdl2.dll and libegl.dll ) and execute arbitrary code when a user opens the application. Impact...

CVE-2019-25268 NREL BEopt 2.8.0 Insecure Library Loading Arbitrary Code Execution

NREL BEopt 2.8.0.0 contains a DLL hijacking vulnerability that allows attackers to load arbitrary libraries by tricking users into opening application files from remote shares. Attackers can exploit insecure library loading of sdl2.dll and libegl.dll by placing malicious libraries on WebDAV or SM...

CVE-2019-25268 NREL BEopt 2.8.0 Insecure Library Loading Arbitrary Code Execution

NREL BEopt 2.8.0.0 contains a DLL hijacking vulnerability that allows attackers to load arbitrary libraries by tricking users into opening application files from remote shares. Attackers can exploit insecure library loading of sdl2.dll and libegl.dll by placing malicious libraries on WebDAV or SM...

PT-2026-1673

Name of the Vulnerable Software and Affected Versions NREL BEopt version 2.8.0.0 Description The software contains a DLL hijacking issue that enables attackers to load arbitrary libraries. This is achieved by deceiving users into opening application files from remote shares. The insecure loading ...

curl: File URL UNC Path Access (Windows SSRF)

Vulnerability Details - CVSSv3: 7.5 High - Windows only - File: lib/urlapi.c:974-1030 - Issue: Windows file:// URLs accept UNC paths to remote servers - Impact: SSRF, unauthorized network file access, credential theft Vulnerable Code c // lib/urlapi.c:974-1030 ifptr0 != '/' &&...

CVE-2025-65176

An issue was discovered in Dynatrace OneAgent before 1.325.47. When attempting to access a remote network share from a machine where OneAgent is installed and receiving a "STATUSLOGONFAILURE" error, the agent will retrieve every user token on the machine and repeatedly attempt to access the netwo...

EUVD-2004-2720

Malware in sbrugna...

Hardcoded credentials

The Iomega Home Media Network Hard Drive with EMC Lifeline firmware before 2.104, Home Media Network Hard Drive Cloud Edition with EMC Lifeline firmware before 3.2.3.15290, iConnect with EMC Lifeline firmware before 2.5.26.18966, and StorCenter with EMC Lifeline firmware before 2.0.18.23122, 2.1....

eSignal Multiple Vulnerabilities

eSignal is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2004-2730

Sysinternals PsTools before 2.05, including 1 PsExec before 1.54, 2 PsGetsid before 1.41, 3 PsInfo before 1.61, 4 PsKill before 1.03, 5 PsList before 1.26, 6 PsLoglist before 2.51, 7 PsPasswd before 1.21, 8 PsService before 2.12, 9 PsSuspend before 1.05, and 10 PsShutdown before 2.32, does not...

CVE-2004-2730

CVE-2004-2730 describes a local privilege escalation in Sysinternals PsTools: an improper disconnection from remote IPC$ and ADMIN$ shares allows local users to access these shares with elevated privileges by reusing existing mappings. The connected Kaspersky entry (KLA10264) confirms a local-exp...

SMB Share Files Enumeration

By connecting to the remote host with the supplied credentials, this plugin enumerates files listed on the remote share and stores the list in the knowledge base so that it can be used by other plugins. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...