113 matches found
Captura 代码问题漏洞
Captura is a free and open source screen recording tool from the individual developer Mathew Sachin. A code issue vulnerability exists in Captura 8.0.0 and prior versions, which stems from faulty code in the library CRYPTBASE.dll that can lead to uncontrolled search paths...
The vulnerability of the library for working with X Pixmap (XPM) files, libXpm, is related to insecure search paths, allowing attackers to execute arbitrary code with elevated privileges.
The vulnerability of the library for working with X Pixmap XPM files involves the use of the $PATH variable to execute commands responsible for unpacking .Z or .gz files. Exploiting this vulnerability allows an attacker to execute arbitrary code with elevated privileges...
Bloom filters 代码问题漏洞
Bloom filters is a Golang-based implementation of Bloom filters. A code issue vulnerability exists in Bloom filters versions prior to 3.3.1 that stems from uncontrolled search path elements...
openSUSE openldap2代码问题漏洞
openSUSE openldap2 is a Lightweight Directory Access Protocol v3 LDAPv3 client and server reference implementation from SUSE Germany. The server provides several database backends and overlays. A code issue vulnerability exists in openSUSE openldap2 versions prior to 2.3.6 through 404.1, which...
SAP BusinessObjects BW Publisher Service 代码问题漏洞
SAP BusinessObjects BW Publisher Service is a model-driven data warehouse product from SAP Germany. An elevation of privilege vulnerability exists in versions 420 and 430 of the SAP BusinessObjects BW Publisher Service, which stems from the use of search paths that contain un-referenced elements,...
Privilege Defined With Unsafe Actions
Overview System.Management.Automation is a System Management Automation for PowerShell. Affected versions of this package are vulnerable to Privilege Defined With Unsafe Actions in the module search paths that will return empty strings for special folders that don't exist in some accounts like...
Design/Logic Flaw
In ListCheck.exe in Acer Care Center 4.x before 4.00.3038, a vulnerability in the loading mechanism of Windows DLLs could allow a local attacker to perform a DLL hijacking attack. This vulnerability is due to incorrect handling of directory search paths at run time. An attacker could exploit this...
The vulnerability of the Adobe Animate program for creating multimedia and computer animations lies in the use of an unreliable search path during the loading of dynamic DLL libraries, which allows attackers to exploit their privileges.
The vulnerability of the Adobe Animate program for creating multimedia and computer animations is related to the use of an unreliable search path during the loading of dynamic DLL libraries. Exploiting this vulnerability can allow attackers to gain increased privileges...
Siemens network software vulnerabilities, related to the lack of commas in the syntax of elements or search paths, allow attackers to execute arbitrary code with elevated privileges.
The vulnerability of Siemens network software is related to the absence of commas in the syntax of elements or search paths. Exploiting this vulnerability allows an attacker to execute arbitrary code with elevated privileges...
CVE-2021-1386 Cisco Advanced Malware Protection for Endpoints Windows Connector, ClamAV for Windows, and Immunet DLL Hijacking Vulnerability
A vulnerability in the dynamic link library DLL loading mechanism in Cisco Advanced Malware Protection AMP for Endpoints Windows Connector, ClamAV for Windows, and Immunet could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected Windows system. To exploit this...
CVE-2021-1386 Cisco Advanced Malware Protection for Endpoints Windows Connector, ClamAV for Windows, and Immunet DLL Hijacking Vulnerability
A vulnerability in the dynamic link library DLL loading mechanism in Cisco Advanced Malware Protection AMP for Endpoints Windows Connector, ClamAV for Windows, and Immunet could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected Windows system. To exploit this...
The vulnerability of server installers for Building Management Systems Enterprise Server and Enterprise Central on Windows operating systems allows a hacker to increase their privileges.
The vulnerability of server installers for Building Management Systems like Enterprise Server and Enterprise Central on Windows operating systems is related to the absence of quotation marks in the wording of search elements or paths. Exploiting this vulnerability can allow attackers to increase...
CVE-2021-1280
A vulnerability in the loading mechanism of specific DLLs of Cisco Advanced Malware Protection AMP for Endpoints for Windows and Immunet for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need valid...
Code injection
A vulnerability in the loading mechanism of specific DLLs of Cisco Advanced Malware Protection AMP for Endpoints for Windows and Immunet for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need valid...
CVE-2021-1280
CVE-2021-1280 describes a DLL hijacking vulnerability in the loading mechanism of specific DLLs used by Cisco AMP for Endpoints (Windows) and Immunet (Windows). An authenticated, local attacker could exploit improper directory search path handling by placing a malicious DLL on the target system, ...
CVE-2021-1280 Cisco Advanced Malware Protection for Endpoints and Immunet for Windows DLL Hijacking Vulnerability
A vulnerability in the loading mechanism of specific DLLs of Cisco Advanced Malware Protection AMP for Endpoints for Windows and Immunet for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need valid...
CVE-2021-1280 Cisco Advanced Malware Protection for Endpoints and Immunet for Windows DLL Hijacking Vulnerability
A vulnerability in the loading mechanism of specific DLLs of Cisco Advanced Malware Protection AMP for Endpoints for Windows and Immunet for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need valid...
Cisco Advanced Malware Protection for Endpoints and Immunet for Windows DLL Hijacking Vulnerability
A vulnerability in the loading mechanism of specific DLLs of Cisco Advanced Malware Protection AMP for Endpoints for Windows and Immunet for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need valid...
PT-2020-5919 · Siemens · Sinamics Startdrive +14
Name of the Vulnerable Software and Affected Versions: SIMATIC Automation Tool versions prior to V4 SP2 SIMATIC NET PC Software V14 versions prior to V14 SP1 Update 14 SIMATIC NET PC Software V15 versions SIMATIC NET PC Software V16 versions prior to V16 Upd3 SIMATIC PCS neo versions prior to V3....
CVE-2019-13637
In LogMeIn join.me before 3.16.0.5505, an attacker could execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI that is defined in Windows. An attacker could exploit this vulnerability by convincing a targeted user to follow a...