8 matches found
EUVD-2023-26930
Malicious code in bioql PyPI...
PT-2025-36904
Name of the Vulnerable Software and Affected Versions: Sunshine for Windows version v2025.122.141614 Description: Sunshine for Windows version v2025.122.141614 contains a DLL search-order hijacking vulnerability. This allows attackers to insert a malicious DLL into user-writable PATH directories...
ESET多款产品 安全漏洞
ESET Endpoint Antivirus and others are products of ESET Corporation.ESET Endpoint Antivirus is an on-premise and cloud-based anti-malware and security suite for small, medium and large businesses.ESET Security is a line of security antivirus software.ESET NOD32 Antivirus is an antivirus program. ...
CVE-2023-22818
CVE-2023-22818 affects the SanDisk Security Installer for Windows. The issue is a DLL search order hijack that allows a local attacker to cause the installer to load a malicious DLL from the attacker’s folder, enabling arbitrary code execution with the privileges of the vulnerable installer and p...
CVE-2023-22818 Multiple DLL Search Order hijacking Vulnerabilities in SanDisk Security Installer for Windows
Multiple DLL Search Order Hijack vulnerabilities were addressed in the SanDisk Security Installer for Windows that could allow attackers with local access to execute arbitrary code by executing the installer in the same folder as the malicious DLL. This can lead to the execution of arbitrary code...
CVE-2020-9672
Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versions have a dll search-order hijacking vulnerability. Successful exploitation could lead to privilege escalation...
CVE-2019-3646
DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection MTP Free Antivirus Trial 16.0.R18 and earlier allows local users to execute arbitrary code via execution from a compromised folder placed by an attacker with administrator rights...
CVE-2019-3587
DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection MTP Prior to 16.0.18 allows local users to execute arbitrary code via execution from a compromised folder...