EUVD-2026-29912

Bytello Share Windows Edition installer executable provided by Bytello insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer...

CVE-2026-28760

The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs. If a user is directed to place a crafted DLL with the installer, an arbitrary code may be executed with the administrator privilege...

EUVD-2026-9522

UPS Multi-UPS Management Console MUMC version 01.06.0001 A03 contains an Incorrect Default Permissions CWE-276 vulnerability that allows an attacker to execute arbitrary code with SYSTEM privileges by causing the application to load a specially crafted DLL...

CVE-2026-26034

UPS Multi-UPS Management Console MUMC version 01.06.0001 A03 contains an Incorrect Default Permissions CWE-276 vulnerability that allows an attacker to execute arbitrary code with SYSTEM privileges by causing the application to load a specially crafted DLL...

CVE-2023-25147

An issue in the Trend Micro Apex One agent could allow an attacker who has previously acquired administrative rights via other means to bypass the protection by using a specifically crafted DLL during a specific update process. Please note: an attacker must first obtain administrative access on t...

PT-2025-48540

A carefully crafted DLL, copied to C:ProgramDataSynaptics folder, allows a local user to execute arbitrary code with elevated privileges during driver installation...

Siemens Solid Edge DLL Hijacking (SSA-365596)

The version of Siemens Solid Edge installed on the remote Windows host is prior to SE2025 V225.0 Update 10. It is, therefore, affected by a DLL hijacking vulnerability. The affected application is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code via placing a...

EUVD-2025-34516

RemoteCall Remote Support Program for Operator versions prior to 5.3.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...

CVE-2025-26860

RemoteCall Remote Support Program for Operator versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...

CVE-2025-26859

CVE-2025-26859 affects RSUPPORT’s RemoteView PC Application Console. Versions prior to 6.0.2 are vulnerable to an uncontrolled search path element (CWE-427) that can allow arbitrary code execution if a crafted DLL is placed in the application’s folder. The issue’s root cause is a perilous search ...

EUVD-2008-3138

Malware in sbrugna...

EUVD-2015-2511

Malware in sbrugna...

EUVD-2017-7225

Malware in sbrugna...

EUVD-2020-6027

Malware in sbrugna...

EUVD-2021-12590

Malware in sbrugna...

EUVD-2021-18525

Malware in sbrugna...

EUVD-2024-52002

Malicious code in bioql PyPI...

EUVD-2022-33396

Malicious code in bioql PyPI...

CVE-2021-25698

The OpenSSL component of the Teradici PCoIP Standard Agent prior to version 21.07.0 was compiled without the no-autoload-config option, which allowed an attacker to elevate to the privileges of the running process via placing a specially crafted dll in a build configuration directory...

CVE-2020-13813

An issue was discovered in Foxit Studio Photo before 3.6.6.922. It allows local users to gain privileges via a crafted DLL in the current working directory when FoxitStudioPhoto3663.6.6.916.exe is used...