CVE-2026-4962 UltraVNC Service version.dll uncontrolled search path

A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path. The attack needs to be approached locally. This attack is characterized by...

CVE-2026-33156 DLL Sideloading in ScreenToGif

ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll . When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32...

CVE-2026-23755

D-Link D-View 8 versions 2.0.1.107 and below contain an uncontrolled search path vulnerability in the installer. When executed with elevated privileges via UAC, the installer attempts to load version.dll from its execution directory, allowing DLL preloading. An attacker can supply a malicious...

EUVD-2025-176658

Malicious code in rest-version-library-hadron npm...

Malicious code in rest-version-library-hadron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e3b01d06955b1393fdf87ea7bfd085c32e43a39e890b503008aefae093db6b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189217 Malicious code in rest-version-library-hadron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e3b01d06955b1393fdf87ea7bfd085c32e43a39e890b503008aefae093db6b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2023-50705

Malicious code in bioql PyPI...

CVE-2023-46491

ZenTao Biz version 4.1.3 and before has a Cross Site Scripting XSS vulnerability in the Version Library...

The vulnerability of ESET’s command-line scanner for anti-virus protection allows a hacker to execute arbitrary code.

The vulnerability of ESET’s command-line scanner for anti-virus protection is related to an uncontrolled element in the loading process of the version.dll library. Exploiting this vulnerability can allow a hacker to execute arbitrary code...

CVE-2023-46491

ZenTao Biz version 4.1.3 and before has a Cross Site Scripting XSS vulnerability in the Version Library...

CVE-2023-46491

ZenTao Biz version 4.1.3 and before has a Cross Site Scripting XSS vulnerability in the Version Library...

CVE-2023-46491

ZenTao Biz version 4.1.3 and before has a Cross Site Scripting XSS vulnerability in the Version Library...

Cross site scripting

ZenTao Biz version 4.1.3 and before has a Cross Site Scripting XSS vulnerability in the Version Library...

CVE-2023-46491

CVE-2023-46491 affects ZenTao Biz software, specifically versions 4.1.3 and earlier. The vulnerability is a Cross Site Scripting (XSS) issue in the Version Library, arising from unfiltered user input. Impact as documented: execution of arbitrary JavaScript in the affected application. Exploitatio...

CVE-2023-46491

ZenTao Biz version 4.1.3 and before has a Cross Site Scripting XSS vulnerability in the Version Library...

CVE-2023-46491

ZenTao Biz version 4.1.3 and before has a Cross Site Scripting XSS vulnerability in the Version Library...

UBUNTU-CVE-2015-9268

Nullsoft Scriptable Install System NSIS before 2.49 has unsafe implicit linking against Version.dll. In other words, there is no protection mechanism in which a wrapper function resolves the dependency at an appropriate time during runtime...

Huawei 3G/LTE Local Privilege Vulnerability

Huawei 3G/LTE is a router product from Huawei, a Chinese company. A local elevation of privilege vulnerability exists in the 'Mobile Broadband HL Service' service of Huawei 3G/LTE, which originates from a folder corresponding to the service that allows users to add a malicious VERSION.dll file. T...