CVE-2026-4962

A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path. The attack needs to be approached locally. This attack is characterized by...

CVE-2026-4962 UltraVNC Service version.dll uncontrolled search path

A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path. The attack needs to be approached locally. This attack is characterized by...

CVE-2026-33156

ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll . When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32...

CVE-2026-33156 DLL Sideloading in ScreenToGif

ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll . When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32...

CVE-2026-23755 D-Link D-View 8 Installer DLL Preloading via Uncontrolled Search Path

D-Link D-View 8 versions 2.0.1.107 and below contain an uncontrolled search path vulnerability in the installer. When executed with elevated privileges via UAC, the installer attempts to load version.dll from its execution directory, allowing DLL preloading. An attacker can supply a malicious...

CVE-2026-23755

CVE-2026-23755 affects D-Link D-View 8 installer, versions 2.0.1.107 and below. The vulnerability is an uncontrolled search path leading to DLL preloading: during installation, the process loads version.dll from its execution directory when run with elevated privileges via UAC, enabling attacker-...

CVE-2026-23755

D-Link D-View 8 versions 2.0.1.107 and below contain an uncontrolled search path vulnerability in the installer. When executed with elevated privileges via UAC, the installer attempts to load version.dll from its execution directory, allowing DLL preloading. An attacker can supply a malicious...

CVE-2024-42053

The MSI installer for Splashtop Streamer for Windows before 3.6.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by placing a version.dll file in the folder...

SUPERAntiSpyware Professional X 10.0.1264 DLL Hijacking / Privilege Escalation

Title: SUPERAntiSpyware Professional X Version =10.0.1264 "version.dll" Local Privilege Escalation Date: 03.04.2024 Author: M. Akil Gündoğan Vendor Homepage: https://superantispyware.com/ Version: 10.0.1262 and lastest version 10.0.1264 Tested on: Windows 10 Professional x64 PoC Video:...

CVE-2023-47453

An Untrusted search path vulnerability in Sohu Video Player 7.0.15.0 allows local users to gain escalated privileges through the version.dll file in the current working directory...

CVE-2023-47453

An Untrusted search path vulnerability in Sohu Video Player 7.0.15.0 allows local users to gain escalated privileges through the version.dll file in the current working directory...

CVE-2022-25969

The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL or some other DLLs, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer...

CVE-2016-8008

Privilege escalation vulnerability in Windows 7 and Windows 10 in McAfee Security Scan Plus SSP 3.11.376 allows attackers to load a replacement of the version.dll file via McAfee McUICnt.exe onto a Windows system...

CVE-2016-2855

The Huawei Mobile Broadband HL Service 22.001.25.00.03 and earlier uses a weak ACL for the MobileBrServ program data directory, which allows local users to gain SYSTEM privileges by modifying VERSION.dll...