CVE-2025-61973

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges...

CVE-2025-61973

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges...

CVE-2025-61973

CVE-2025-61973 is a local privilege escalation in the Epic Games Store installation via Microsoft Store. Cisco Talos details a DLL hijacking path: a writable %TEMP% directory allows replacing dxupdate.dll, which DXSETUP.exe later loads with SYSTEM privileges, yielding elevation. Affected versions...

EUVD-2026-2749

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges...

CVE-2025-13051

When the service of ABP and AES is installed in a directory writable by non-administrative users, an attacker can replace or plant a DLL with the same name as one loaded by the service. Upon service restart, the malicious DLL is loaded and executed under the LocalSystem account, resulting in...

ASUSTOR Backup Plan（ABP）和ASUSTOR EZSync（AES） 安全漏洞

ASUSTOR Backup Plan ABP and ASUSTOR EZSync AES are both products of Chinese Taipei Huayun Technology ASUSTOR.ASUSTOR Backup Plan is a Windows backup tool.ASUSTOR EZSync is a bi-directional file synchronization for NAS devices. ASUSTOR EZSync is a bi-directional file synchronization tool for NAS...

PT-2025-47421

Name of the Vulnerable Software and Affected Versions ABP versions 2.0 through 2.0.7.9050 AES versions 1.0 through 1.0.6.8290 Description The services of ABP and AES, when installed in a directory accessible for writing by non-administrative users, are susceptible to DLL hijacking. An attacker ca...

EUVD-2016-5513

Malware in sbrugna...

EUVD-2021-22591

Malware in sbrugna...

EUVD-2022-41608

Malicious code in bioql PyPI...

CVE-2025-56383

Notepad++ v8.8.3 has a DLL hijacking vulnerability, which can replace the original DLL file to execute malicious code. NOTE: this is disputed by multiple parties because the behavior only occurs when a user installs the product into a directory tree that allows write access by arbitrary...

PT-2025-39673

Name of the Vulnerable Software and Affected Versions Notepad++ versions 8.8.3 and earlier Description Notepad++ version 8.8.3 contains a DLL hijacking flaw. This allows an attacker to replace original DLL files, such as NppExport.dll, with malicious versions, leading to arbitrary code execution...

CVE-2024-22410

Creditcoin is a network that enables cross-blockchain credit transactions. The Windows binary of the Creditcoin node loads a suite of DLLs provided by Microsoft at startup. If a malicious user has access to overwrite the program files directory it is possible to replace these DLLs and execute...

CVE-2019-8453

Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. This can allow a local attacker to replace a DLL file with a malicious one and cause Denial of Service to the client...

CVE-2022-39062

A vulnerability has been identified in SICAM TOOLBOX II All versions V07.10. Affected applications do not properly set permissions for product folders. This could allow an authenticated attacker with low privileges to replace DLLs and conduct a privilege escalation...

CVE-2024-47576

CVE-2024-47576 concerns the SAP Product Lifecycle Costing Client (versions

Unable to Launch Applications After VDA Upgrade to 1912 CU9 Due to Missing Working Directory

Please note: You can download the required file from the Citrix downloads website by visiting the following link:https://www.citrix.com/downloads/citrix-tools To apply the updated DLL with the tested code changes, please replace the files in the specified locations on the Multi-Session VDA as...

CVE-2022-47631

Razer Synapse through 3.7.1209.121307 allows privilege escalation due to an unsafe installation path and improper privilege management. Attackers can place DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed and if they deny write access for the SYSTEM...

Siemens SICAM TOOLBOX II Execution with Unnecessary Privileges Vulnerability

SICAM TOOLBOX II is an engineering solution for plants and systems of all sizes. It allows data collection, data modeling, configuration and parameterization. It is used for process information engineering of automation and central control room systems. Siemens SICAM TOOLBOX II has an Execute wit...

CVE-2022-39062

A vulnerability has been identified in SICAM TOOLBOX II All versions V07.10. Affected applications do not properly set permissions for product folders. This could allow an authenticated attacker with low privileges to replace DLLs and conduct a privilege escalation...