1152 matches found
CVE-2026-2809
Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow a privileged user to trigger an integer overflow within the DLL Injector, leading to a Blue-Screen-of-Death BSOD. Successful...
EUVD-2025-208751
A local, non-privileged attacker can abuse a vulnerable IOCTL interface exposed by the OpenEDR 2.5.1.0 kernel driver to modify the DLL injection path used by the product. By redirecting this path to a user-writable location, an attacker can cause OpenEDR to load an attacker-controlled DLL into...
CVE-2025-69784
A local, non-privileged attacker can abuse a vulnerable IOCTL interface exposed by the OpenEDR 2.5.1.0 kernel driver to modify the DLL injection path used by the product. By redirecting this path to a user-writable location, an attacker can cause OpenEDR to load an attacker-controlled DLL into...
CVE-2025-69784
A local, non-privileged attacker can abuse a vulnerable IOCTL interface exposed by the OpenEDR 2.5.1.0 kernel driver to modify the DLL injection path used by the product. By redirecting this path to a user-writable location, an attacker can cause OpenEDR to load an attacker-controlled DLL into...
PT-2026-25634
A DLL search order hijacking vulnerability in Thermalright TR-VISION HOME on Windows 64-bit allows a local attacker to escalate privileges via DLL side-loading. The application loads certain dynamic-link library DLL dependencies using the default Windows search order, which includes directories...
Thermalright TR-VISION HOME 安全漏洞
Thermalright TR-VISION HOME is a hardware monitoring and display software developed by Thermalright Corporation. Versions of Thermalright TR-VISION HOME 2.0.5 and earlier contained security vulnerabilities. These vulnerabilities were caused by DLL loading order hijacking, which could allow local...
Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays
Cybersecurity researchers have disclosed details of a new banking malware targeting Brazilian users that's written in Rust, marking a significant departure from other known Delphi-based malware families associated with the Latin American cybercrime ecosystem. The malware, which is designed to...
CVE-2026-24317
SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a malicious DLL within one of these directories. The malicious command is executed in the victim user's...
EUVD-2026-10808
IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to execute arbitrary code on the system, caused by DLL uncontrolled search path element vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this...
EUVD-2026-10809
IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to execute arbitrary code on the system, caused by DLL uncontrolled search path element vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this...
CVE-2026-2713
IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to execute arbitrary code on the system, caused by DLL uncontrolled search path element vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this...
CVE-2026-2713
The CVE-2026-2713 entry concerns the IBM Trusteer Rapport installer (v3.5.2309.290) and CWE-427 Uncontrolled Search Path Element. A local attacker could execute arbitrary code by placing a crafted file in a compromised folder during installation. IBM has issued a fixed installer (v3.5.2504.127); ...
CVE-2026-2713
IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to execute arbitrary code on the system, caused by DLL uncontrolled search path element vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this...
EUVD-2026-10452
SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a malicious DLL within one of these directories. The malicious command is executed in the victim user's...
CVE-2026-30896
The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries DLLs. When a user is directed to place some malicious DLL to the same directory and execute the affected installer, then arbitrary code may be executed with the administrative privilege...
IBM Trusteer Rapport 代码问题漏洞
IBM Trusteer Rapport is a terminal security software developed by IBM Corporation, designed to protect browser sessions. Version 3.5.2309.290 of IBM Trusteer Rapport contains a code vulnerability. This vulnerability stems from an uncontrolled search path element in the DLL, which may allow local...
CVE-2026-30896
The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries DLLs. When a user is directed to place some malicious DLL to the same directory and execute the affected installer, then arbitrary code may be executed with the administrative privilege...
EUVD-2026-9947
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 Windows before build 41186...
EUVD-2025-208332
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent Windows before build 41124...
Acronis Cyber Protect Cloud Agent 代码问题漏洞
Acronis Cyber Protect Cloud Agent is a cloud agent developed by the Swiss company Acronis. Versions of Acronis Cyber Protect Cloud Agent prior to build 41124 contained code-related vulnerabilities. These vulnerabilities were caused by DLL hijacking, which could lead to an increase in local...