Lucene search
+L

118 matches found

Apple
Apple
added 2019/10/30 12:0 a.m.124 views

About the security content of iTunes 12.10.2 for Windows

About the security content of iTunes 12.10.2 for Windows This document describes the security content of iTunes 12.10.2 for Windows. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

9.3CVSS8.7AI score0.09543EPSS
Exploits2References1Affected Software1
OpenVAS
OpenVAS
added 2019/10/30 12:0 a.m.40 views

Apple Mac OS X Security Updates (HT210722)-01

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.8AI score0.07709EPSS
Exploits7References1
BDU FSTEC
BDU FSTEC
added 2019/07/16 12:0 a.m.8 views

The vulnerability of the dynamic library loading mechanism in the Cisco Jabber for Windows multimedia corporate messaging system allows a hacker to execute arbitrary code with the privileges of another user’s account.

The vulnerability of the dynamic library loading mechanism in the Cisco Jabber for Windows multimedia corporate messaging system is related to insufficient checking of resources loaded by the application. Exploiting this vulnerability allows a perpetrator to execute arbitrary code with the...

7.3CVSS6AI score0.02195EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/05/31 12:0 a.m.6 views

The vulnerability of the synchronization identifier application in the Cisco Directory Connector lies in errors in the path validation mechanism, allowing an intruder to gain unauthorized access to protected information.

The vulnerability of the application for synchronizing identifiers in the Cisco Directory Connector is related to errors in the mechanism for checking the path of dynamically attached libraries. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected...

5.1CVSS6AI score0.00383EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/05/17 5:20 p.m.43 views

CVE-2018-16156

In PaperStream IP TWAIN 1.42.0.5685 Service Update 7, the FJTWSVIC service running with SYSTEM privilege processes unauthenticated messages received over the FjtwMkicFjicube32 named pipe. One of these message processing functions attempts to dynamically load the UninOldIS.dll library and executes...

7.8AI score0.02557EPSS
Exploits4References2
BDU FSTEC
BDU FSTEC
added 2019/01/18 12:0 a.m.22 views

The vulnerability of the NormaCS automation tool for working with regulatory documents allows a violator to execute any code they desire.

The vulnerability of the NormaCS tool for automating the processing of regulatory documents is related to the use of the MFC library set. It arises due to deficiencies in the restriction on the searchable range of dynamically loaded libraries. Exploiting this vulnerability could allow a malicious...

6.9CVSS6AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/11/09 7:13 a.m.5 views

The installer of Windows10 Fall Creators Update Modify module for Security Measures tool may insecurely load Dynamic Link Libraries

Overview The installer of Windows10 Fall Creators Update Modify module for Security Measures tool provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Tomohisa Hasegawa of Canon...

7.8CVSS6.9AI score0.00365EPSS
Exploits0References6
OSV
OSV
added 2018/07/25 11:29 p.m.5 views

CVE-2018-8090

Quick Heal Total Security 64 bit 17.00 QHTS64.exe, QHTSFT64.exe - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 QHTS32.exe, QHTSFT32.exe - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 QHIS64.exe, QHISFT64.exe - Version 10.0.0.37; Quick Heal Internet Security 32 bit 17....

7.8CVSS5.8AI score0.01185EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2018/03/30 12:0 a.m.8 views

The vulnerability of the DLL-file loading mechanism of the cryptographic protection tool ViPNet Coordinator, which allows a hacker to execute arbitrary code with administrator privileges.

The vulnerability of the DLL file loading mechanism of the cryptographic protection tool ViPNet Coordinator is related to deficiencies in access control. Exploiting this vulnerability allows an attacker to execute arbitrary code with administrator privileges using a specially crafted DLL file...

8.8CVSS6AI score
Exploits0Affected Software1
OSV
OSV
added 2018/02/05 7:29 a.m.9 views

CVE-2018-6461

March Hare WINCVS before 2.8.01 build 6610, and CVS Suite before 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local users to gain privileges via a Trojan horse Python or TCL DLL file in the current working directory...

7.8CVSS5.8AI score0.0181EPSS
Exploits3References4
BDU FSTEC
BDU FSTEC
added 2017/11/23 12:0 a.m.4 views

The vulnerability of the TRIE component of the Windows operating system, allowing a hacker to execute arbitrary code

The vulnerability of the TRIE component in the Windows operating system is related to errors that occur during the loading of DLL files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using specially crafted DLL files...

9.3CVSS8.2AI score0.18881EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/21 6:40 a.m.8 views

The installer of Media Go and Music Center for PC may insecurely load Dynamic Link Libraries

Overview Media Go and Music Center for PC provided by Sony Group are file management tools. The installer of Media Go and Music Center for PC contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. and Shun Suza...

9.3CVSS6.9AI score0.01029EPSS
Exploits0References8
OSV
OSV
added 2017/11/16 7:29 a.m.3 views

CVE-2017-12314

A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to the device availability, confidentiality, and integrity, aka Insecure Library Loading. The vulnerability is due to...

7.8CVSS5.8AI score0.00356EPSS
Exploits0References2
OSV
OSV
added 2017/09/28 1:29 a.m.6 views

CVE-2017-13676

Norton Remove & Reinstall can be susceptible to a DLL preloading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a...

7CVSS5.8AI score0.00383EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/25 5:50 a.m.5 views

Installer and self-extracting archive containing the installer of "Security Setup Tool" may insecurely load Dynamic Link Libraries

Overview The installer and the self-extracting archive containing the installer of "Security Setup Tool" provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of...

9.3CVSS6.9AI score0.01059EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/06/05 4:47 a.m.4 views

Installer of Houkokusyo Sakusei Shien Tool provided by Ministry of the Environment may insecurely load Dynamic Link Libraries

Overview Installer of Houkokusyo Sakusei Shien Tool provided by Ministry of the Environment contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Eili Masami of Tachibana Lab. and BlackWingCat of Pink Flying Whale reported this vulnerability to...

7.8CVSS6.9AI score0.01093EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/05/25 5:14 a.m.5 views

Installers of the screensavers provided by JAPAN AIR SELF DEFENSE FORCE, MINISTRY OF DEFENSE may insecurely load Dynamic Link Libraries

Overview Installers of the screensavers provided by JAPAN AIR SELF DEFENSE FORCE, MINISTRY OF DEFENSE contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC coordinated wit...

9.3CVSS7.3AI score0.01427EPSS
Exploits0References5
Apple
Apple
added 2017/01/23 5:36 a.m.47 views

About the security content of iCloud for Windows 6.0.1 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

8.8CVSS0.6AI score0.01532EPSS
Exploits0Affected Software1
OSV
OSV
added 2016/12/20 6:59 a.m.4 views

CVE-2016-7275

Microsoft Office 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability."...

7.8CVSS5.8AI score0.01417EPSS
Exploits0References3
Apple
Apple
added 2016/10/27 12:0 a.m.37 views

About the security content of iCloud for Windows 6.0.1

About the security content of iCloud for Windows 6.0.1 This document describes the security content of iCloud for Windows 6.0.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...

8.8CVSS0.6AI score0.01532EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder