20 matches found
CVE-2026-3780
The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed instead of the...
EUVD-2026-17761
The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed instead of the...
CVE-2026-3780 Foxit PDF Editor/Reader Installer Uncontrolled Search Path Privilege Escalation
The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed instead of the...
CVE-2026-3780
The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed instead of the...
CVE-2026-3780
CVE-2026-3780 concerns Foxit PDF Editor/Reader installers on Windows. The root cause is an installer that runs with elevated privileges while resolving system executables and DLLs using untrusted search paths that may include user-writable directories. This allows a local attacker to place malici...
Foxit PDF Reader和Foxit PDF Editor 安全漏洞
Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. Both Foxit PDF Reader and Foxit PDF Editor have security vulnerabilities. These vulnerabilities stem from the installer’s elevated...
PT-2026-29440
Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description The application's installer operates with elevated privileges but utilizes untrusted search paths to resolve system executables and DLLs. These paths can includ...
Adobe Illustrator 代码问题漏洞
Adobe Illustrator is a vector-based image creation software developed by Adobe Inc. Versions 29.8.4, 30.1, and earlier of Adobe Illustrator have code vulnerabilities. These vulnerabilities stem from untrusted search paths, which may allow arbitrary code to be executed in the current user...
Autodesk 3ds Max 代码问题漏洞
Autodesk 3ds Max is a full-featured 3D computer graphics software developed by Autodesk, Inc. There are code vulnerabilities in Autodesk 3ds Max. These vulnerabilities stem from the use of untrusted search paths when opening max files, which may lead to the execution of arbitrary code...
Yandex Telemost 代码问题漏洞
Yandex Telemost is an application for easily creating video calls or video chats from the Russian company Yandex. A security vulnerability exists in Yandex Telemost for Desktop prior to version 2.7.0, which stems from the use of untrusted search paths and may lead to DLL hijacking...
CVE-2012-4880
Multiple untrusted search path vulnerabilities in DVD Architect Pro 5.2 Build 133 and DVD Architect Studio 5.0 Build 156 allow local users to gain privileges via a Trojan horse 1 encmp2v.200 or 2 CFHDDecoder.dll file in the current working directory, as demonstrated by a directory that contains a...
Rise Mode Temp CPU 代码问题漏洞
Rise Mode Temp CPU is a CPU driver from Rise. A code issue vulnerability exists in Rise Mode Temp CPU version 2.1, which stems from the library CRYPTBASE.dll of the component Startup that leads to untrusted search paths...
Epic Games Launcher 代码问题漏洞
Epic Games Launcher is a game software launcher from Epic Games USA. A code issue vulnerability exists in Epic Games Launcher version 17.2.1 and earlier, which stems from code in the profapi.dll library in the component Installer that can lead to untrusted search paths...
RetroArch 代码问题漏洞
RetroArch is a reference front-end to the Libretro API open-sourced by Libretro. A code issue vulnerability exists in RetroArch versions prior to 1.19.1, which stems from some functionality in the component Startup profapi.dll that leads to untrusted search paths...
VulnCheck KEV: CVE-2024-6473
Yandex Browser for Desktop before 24.7.1.380 has a DLL Hijacking Vulnerability because an untrusted search path is used...
openSUSE openldap2代码问题漏洞
openSUSE openldap2 is a Lightweight Directory Access Protocol v3 LDAPv3 client and server reference implementation from SUSE Germany. The server provides several database backends and overlays. A code issue vulnerability exists in openSUSE openldap2 versions prior to 2.3.6 through 404.1, which...
Yandex Browser installer for Desktop DLL Hijacking Vulnerability
Yandex Browser is a free Chromium-based web browser developed by Russian web search company Yandex that uses the Blink typography engine and runs on Windows, OS X, Android and iOS. A DLL hijacking vulnerability exists in the Yandex Browser installer for desktop versions prior to 17.4.1. The...
CVE-2017-7327
Yandex Browser installer for Desktop before 17.4.1 has a DLL Hijacking Vulnerability because an untrusted search path is used for dnsapi.dll, winmm.dll, ntmarta.dll, cryptbase.dll or profapi.dll...
CVE-2017-11160
Multiple untrusted search path vulnerabilities in installer in Synology Assistant before 6.1-15163 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse 1 shfolder.dll, 2 ntmarta.dll, 3 secur32.dll or 4 dwmapi.dll file in the current worki...
CVE-2010-5226
Summary: CVE-2010-5226 affects Autodesk Design Review 2011 (version 11.0.0.86) and involves multiple untrusted search path vulnerabilities. The root cause is placing a Trojan horse through (1) dwmapi.dll, (2) whiptk_wt.7.12.601.dll, or (3) xaml_wt.7.6.0.dll in the current working directory, demon...