16 matches found
EUVD-2025-202299
Uncontrolled Search Path Element vulnerability in Yandex Telemost on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.19.1...
CVE-2025-5471
Uncontrolled Search Path Element vulnerability in Yandex Telemost on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.19.1...
CVE-2025-5471
CVE-2025-5471 affects Yandex Telemost on macOS, before version 2.19.1. The root cause is an uncontrolled Search Path Element, enabling search-order hijacking (dylib hijacking). Impact per sources is high on confidentiality, integrity, and availability when a malicious library is loaded via a mani...
CVE-2025-5471 Dylib Hijacking in Yandex Telemost
Uncontrolled Search Path Element vulnerability in Yandex Telemost on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.19.1...
PT-2025-50090
Name of the Vulnerable Software and Affected Versions Yandex Telemost versions prior to 2.19.1 Description An uncontrolled search path element issue exists in Yandex Telemost on MacOS, enabling search order hijacking. This allows an attacker to potentially manipulate the system's search path to...
Yandex Telemost 安全漏洞
Yandex Telemost is an application for easily creating video calls or video chats from the Russian company Yandex. A security vulnerability exists in Yandex Telemost versions prior to 2.19.1, which stems from improper control of the search path element and could lead to search order hijacking...
EUVD-2024-54619
Malicious code in bioql PyPI...
The vulnerability of the "Yandex.Telemost" video conference software for macOS allows a hacker to elevate their privileges and gain access to the device’s hardware resources.
The vulnerability of the "Yandex.Telemost" video conference software lies in the use of an unreliable search path. Exploiting this vulnerability can allow attackers to enhance their privileges and gain access to the device’s hardware resources...
CVE-2024-12168
Yandex Telemost for Desktop before 2.7.0 has a DLL Hijacking Vulnerability because an untrusted search path is used...
CVE-2024-12168
Yandex Telemost for Desktop before 2.7.0 has a DLL Hijacking Vulnerability because an untrusted search path is used...
CVE-2024-12168
Yandex Telemost for Desktop before 2.7.0 has a DLL Hijacking Vulnerability because an untrusted search path is used...
CVE-2024-12168 DLL Hijacking in Yandex Telemost
Yandex Telemost for Desktop before 2.7.0 has a DLL Hijacking Vulnerability because an untrusted search path is used...
CVE-2024-12168
CVE-2024-12168 affects Yandex Telemost for Desktop prior to version 2.7.0. The vulnerability is a DLL hijacking flaw caused by the use of an untrusted search path, potentially enabling arbitrary code execution. Reported CVSS vectors indicate HIGH impact with LOCAL access and user interaction requ...
CVE-2024-12168 DLL Hijacking in Yandex Telemost
Yandex Telemost for Desktop before 2.7.0 has a DLL Hijacking Vulnerability because an untrusted search path is used...
Yandex Telemost 代码问题漏洞
Yandex Telemost is an application for easily creating video calls or video chats from the Russian company Yandex. A security vulnerability exists in Yandex Telemost for Desktop prior to version 2.7.0, which stems from the use of untrusted search paths and may lead to DLL hijacking...
PT-2024-41365 · Yandex +1 · Telemost +1
Name of the Vulnerable Software and Affected Versions: Yandex Telemost versions prior to 2.7.0 Description: The issue is related to the use of an untrusted search path, which may allow an attacker to execute arbitrary code. This can be exploited through a DLL hijacking vulnerability...