9 matches found
EUVD-2022-28209
Malicious code in bioql PyPI...
Privilege escalation
A maliciously crafted DLL file can be forced to write beyond allocated boundaries in the Autodesk installer when parsing the DLL files and could lead to a Privilege Escalation vulnerability...
Emerson GE Automation Proficy Machine Input Validation Error Vulnerability
Emerson GE Automation Proficy Machine Edition is an application of emerson Inc. an automation solution. An automation solution, an input validation error vulnerability exists in Emerson GE Automation Proficy Machine due to incorrect input validation in Emerson GE Automation Proficy Machine Editio...
CVE-2017-14017
An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote attacker without privileges to execute arbitrary code in the form of a malicious DLL file...
CVE-2017-14017
CVE-2017-14017 affects Progea Movicon SCADA/HMI (Movicon 11.5.1181 and earlier). The vulnerability is an Uncontrolled Search Path Element that may allow a local attacker with low privileges to execute arbitrary code by loading a malicious DLL. Related entries also reference CVE-2017-14019 (Unquot...
CVE-2017-13993
An Uncontrolled Search Path or Element issue was discovered in i-SENS SmartLog Diabetes Management Software, Version 2.4.0 and prior versions. An uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path...
CVE-2017-6051
An Uncontrolled Search Path Element issue was discovered in BLF-Tech LLC VisualView HMI Version 9.9.14.0 and prior. The uncontrolled search path element vulnerability has been identified, which may allow an attacker to run a malicious DLL file within the search path resulting in execution of...
Adobe Flash Player Security Bypass (APSB16-18: CVE-2016-4140)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to insecure library loading while handling certain files. A remote attacker could exploit this issue by enticing a user to open a legitimate file that will insecurely load a specially crafted D...
CVE-2007-2216
Summary: CVE-2007-2216 affects the tblinf32.dll ActiveX control in Internet Explorer (versions 5.01, 6 SP1, 7). The vulnerability stems from an incorrect IObjectsafety implementation, enabling remote code execution when a user loads a crafted web page. The attack path involves a crafted DLL argum...