CVE-2025-59710

An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user is able to request the loading a DLL file. During the loading, a method is called. An attacker can craft a malicious DLL, upload it to the server, and use it to achieve remote code execution on the...

CVE-2026-28728

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image Windows before build 42902...

CVE-2025-59710

An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user is able to request the loading a DLL file. During the loading, a method is called. An attacker can craft a malicious DLL, upload it to the server, and use it to achieve remote code execution on the...

CVE-2025-59710

An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user is able to request the loading a DLL file. During the loading, a method is called. An attacker can craft a malicious DLL, upload it to the server, and use it to achieve remote code execution on the...

CVE-2026-27774

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image Windows before build 42902...

CVE-2026-27774

CVE-2026-27774 affects Acronis True Image for Windows prior to build 42902. The issue is a DLL hijacking vulnerability that leads to local privilege escalation. Documentation lists the root cause as DLL search/loading issues; attack vector is local with high confidentiality/integrity/availability...

CVE-2026-27774

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image Windows before build 42902...

Acronis True Image 代码问题漏洞

Acronis True Image is a renowned data backup and restoration software developed by the Swiss company Acronis. This software can be used to create drive and disk images, and to restore those images when a clean system is required. Previous versions of Acronis True Image, such as version 42902, had...

EUVD-2026-17476

Uncontrolled search path elements in Anthropic Claude for Windows installer Claude Setup.exe versions prior to 1.1.3363 allow local privilege escalation via DLL search-order hijacking. The installer loads DLLs e.g., profapi.dll from its own directory after UAC elevation, enabling arbitrary code...

CVE-2026-22561

Uncontrolled search path elements in Anthropic Claude for Windows installer Claude Setup.exe versions prior to 1.1.3363 allow local privilege escalation via DLL search-order hijacking. The installer loads DLLs e.g., profapi.dll from its own directory after UAC elevation, enabling arbitrary code...

CVE-2026-4255

A DLL search order hijacking vulnerability in Thermalright TR-VISION HOME on Windows 64-bit allows a local attacker to escalate privileges via DLL side-loading. The application loads certain dynamic-link library DLL dependencies using the default Windows search order, which includes directories...

CVE-2026-28760

The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs. If a user is directed to place a crafted DLL with the installer, an arbitrary code may be executed with the administrator privilege...

PT-2026-28221

The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs. If a user is directed to place a crafted DLL with the installer, an arbitrary code may be executed with the administrator privilege...

Installer of OM Workspace (Windows Edition) may insecurely load Dynamic Link Libraries

Overview OM Workspace provided by OM Digital Solutions Corporation is image editing software. Installer of OM Workspace Windows Edition contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element...

CVE-2026-33156

ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll . When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32...

EUVD-2026-13793

ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll . When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32...

CVE-2026-33156 DLL Sideloading in ScreenToGif

ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll . When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32...

ScreenToGif 安全漏洞

ScreenToGif is a screen recording and GIF creation tool developed by Nicke Manarin himself. Versions of ScreenToGif 2.42.1 and earlier contained security vulnerabilities, which were caused by a DLL-side loading vulnerability. This vulnerability could allow arbitrary code to be executed in user...

EUVD-2026-12641

Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow a privileged user to trigger an integer overflow within the DLL Injector, leading to a Blue-Screen-of-Death BSOD. Successful...

CVE-2026-2809 Endpoint DLP Driver DLL

Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow a privileged user to trigger an integer overflow within the DLL Injector, leading to a Blue-Screen-of-Death BSOD. Successful...