37 matches found
CVE-2026-40031
MemProcFS 处理在版本 5.17 之前存在多处不安全的库加载模式,导致跨六个攻击面发生 DLL/共享库劫持。攻击者若在工作目录中放置恶意 DLL/共享库,或操控 LD_LIBRARY_PATH,便可在 MemProcFS 加载时实现任意代码执行。根本原因是对加载库的路径未进行严格限定,利用 bare-name LoadLibraryU/dlopen 未带路径的调用进行加载。影响面涉及本地攻击向量、可用性和完整性及机密性均可能被高影响波及。若存在利用,文档未给出具体利用细节。建议升级至 5.17 及以上版本以修复该加载模式问题;如不能立即升级,可结合路径限定、工作目录隔离及库加载 ...
CVE-2025-34421
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAISP.DLL from its installation directory without sufficient integrity validation or a secure search order. A...
CVE-2025-34417
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAISO.DLL from its installation directory without sufficient integrity validation or a secure search order. A...
CVE-2025-34422
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIPC.DLL from its installation directory without sufficient integrity validation or a secure search order. A...
EUVD-2025-202441
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIDP.DLL from its installation directory without sufficient integrity validation or a secure search order. A...
EUVD-2025-202440
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIMF.DLL from its installation directory without sufficient integrity validation or a secure search order. A...
EUVD-2025-202438
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIPO.DLL from its installation directory without sufficient integrity validation or a secure search order. A...
CVE-2025-34396
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAINFY.DLL from its application directo without sufficient integrity validation or secure search order. If the...
CVE-2025-34424
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIDP.DLL from its installation directory without sufficient integrity validation or a secure search order. A...
CVE-2025-34424
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIDP.DLL from its installation directory without sufficient integrity validation or a secure search order. A...
CVE-2025-34420
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIAM.DLL from its installation directory without sufficient integrity validation or a secure search order. A...
CVE-2025-34420
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIAM.DLL from its installation directory without sufficient integrity validation or a secure search order. A...
CVE-2025-34417
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAISO.DLL from its installation directory without sufficient integrity validation or a secure search order. A...
CVE-2025-34419 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAISM.DLL
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAISM.DLL from its installation directory without sufficient integrity validation or a secure search order. A...
CVE-2025-34418
MailEnable before version 10.54 is affected by an unsafe DLL loading vulnerability. The administrative executable loads MEAIMF.DLL from the installation directory without proper integrity validation or a secure search order. A local attacker with write access to that directory can place a malicio...
PT-2025-50344
Name of the Vulnerable Software and Affected Versions MailEnable versions prior to 10.54 Description MailEnable versions prior to 10.54 have an unsafe DLL loading issue that could allow a local attacker to run arbitrary code. The MailEnable administrative executable loads MEAIAM.DLL from the...
CVE-2025-34396
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAINFY.DLL from its application directo without sufficient integrity validation or secure search order. If the...
PT-2025-50135
Name of the Vulnerable Software and Affected Versions MailEnable versions prior to 10.54 Description MailEnable versions prior to 10.54 have an unsafe DLL loading issue that could allow a local attacker to execute arbitrary code. The MailEnable administrative executable attempts to load MEAINFY.D...
Hitachi HVAC Energy Saving Program 安全漏洞
Hitachi HVAC Energy Saving Program is an energy saving program project of Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi HVAC Energy Saving Program that originates from an unsafe loading of a dynamic link library, which could lead to local code execution or information...
Adobe Digital Editions < 4.5.5 Multiple Vulnerabilities (APSB17-20)
The version of Adobe Digital Editions installed on the remote Windows host is prior to 4.5.5. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB17-20 advisory. - Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The...