157 matches found
CVE-2026-25656
A vulnerability has been identified in SINEC NMS All versions, User Management Component UMC All versions V2.15.2.1. The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially leading to...
CVE-2025-10314 Malicious Code Execution Vulnerability in Mitsubishi Small-Capacity UPS Shutdown Software FREQSHIP-mini for Windows
Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation FREQSHIP-mini for Windows versions 8.0.0 to 8.0.2 allows a local attacker to execute arbitrary code with system privileges by replacing service executable files EXE or DLLs in the installation directory with specially...
Installer for Roland Cloud Manager may insecurely load Dynamic Link Libraries
Overview The installer for Roland Cloud Manager provided by Roland Corporation contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2026-24694 Kazuma Matsumoto of GMO Cybersecurit...
CVE-2026-24694
Roland Cloud Manager, version 3.1.19 and earlier, is affected by an insecure DLL loading issue in its installer that could allow a local attacker to execute arbitrary code with the application’s privileges. Multiple sources corroborate the same description across NVD/Red Hat/CIRCL, with CVSS indi...
Roland Cloud Manager 代码问题漏洞
Roland Cloud Manager is a software management platform developed by the Japanese company Roland. Versions of Roland Cloud Manager 3.1.19 and earlier contained code vulnerabilities due to insecure loading of dynamic link libraries. These vulnerabilities could allow attackers to execute arbitrary...
ESET Inspect Connector security vulnerabilities
ESET Inspect Connector is a lightweight terminal agent component developed by ESET Singapore. There is a security vulnerability in ESET Inspect Connector, which stems from the possibility of loading malicious DLLs due to the embedding of custom configuration files...
Multiple Brother software installers may insecurely load Dynamic Link Libraries
Overview Multiple software installers provided by Brother Industries, Ltd. may insecurely load some dynamic link libraries. Uncontrolled search path element CWE-427 - CVE-2016-2542, CVE-2021-41526 Kazuma Matsumoto of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to Brother...
CVE-2025-33231
NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. A successful exploit of this vulnerability might lead to code execution, escalation of...
CVE-2025-69258
Trend Micro Apex Central is affected by CVE-2025-69258 (LoadLibraryEX). The vulnerability allows an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to code execution under the SYSTEM context on affected installations. Current public details indica...
MailEnable 代码问题漏洞
MailEnable is a Windows-based business e-mail server from MailEnable Australia. MailEnable suffers from an insecure DLL loading vulnerability that can be exploited by an attacker to cause local arbitrary code execution...
Installer of INZONE Hub may insecurely load Dynamic Link Libraries
Overview The installer of INZONE Hub provided by Sony Corporation contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2025-64772 Kazuma Matsumoto of GMO Cybersecurity by IERAE,...
Installer of WTW EAGLE (for Windows) may insecurely load Dynamic Link Libraries
Overview The installer of WTW EAGLE for Windows provided by Wireless Tsukamoto Co., Ltd. contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2025-62776 Kazuma Matsumoto of GMO...
[SECURITY] Fedora 42 Update: mingw-binutils-2.43.1-5.fc42
Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...
SUSE CVE-2025-23309
NVIDIA Display Driver contains a vulnerability where an uncontrolled DLL loading path might lead to arbitrary denial of service, escalation of privileges, code execution, and data tampering...
EUVD-2020-17873
Malware in sbrugna...
EUVD-2021-26910
Malware in sbrugna...
EUVD-2021-26917
Malware in sbrugna...
EUVD-2006-1446
Malware in sbrugna...
EUVD-2017-9743
Malware in sbrugna...
CVE-2025-9267
The CVE-2025-9267 issue affects Seagate Toolkit on Windows, specifically Toolkit Installer versions prior to 2.35.0.6. The vulnerability arises from loading DLLs from the current working directory without validating origin or integrity, due to insecure DLL loading practices and reliance on relati...