CVE-2022-27595

An insecure library loading vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local attackers who have gained user access to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QVPN Windo...

EUVD-2020-12294

Malware in sbrugna...

EUVD-2018-7832

Malware in sbrugna...

CVE-2024-7263

Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.17115 exclusive on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.1.0.17119 to mitigate CVE-2024-7262 was not restrictive enough...

CVE-2022-27595

CVE-2022-27595 corresponds to an insecure library loading vulnerability in QNAP’s QVPN Device Client. Multiple connected sources consistently state that a local attacker who already has user access can exploit this issue to execute unauthorized code or commands on affected systems. The problem is...

APSB18-20 Security update available for the Adobe Creative Cloud Desktop Application

Adobe has released a security update for the Creative Cloud Desktop Application installer for Windows. This update resolves an insecure library loading vulnerability in the installer that could lead to privilege escalation CVE-2018-5003...

Code injection

Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading of browser related library extensions in the installer plugin. A successful exploitation could lead to arbitrary code execution...

KLA10921 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain priveleges. Below is a complete list of vulnerabilities: 1. Memory corruption vulnerabilit...

CVE-2016-3235

Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability."...

openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-3378)

This update brings Mozilla Thunderbird to version 3.0.9, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-base...

CentOS Update for java CESA-2011:0281 centos5 x86_64

Check for the Version of java OpenVAS Vulnerability Test CentOS Update for java CESA-2011:0281 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

CVE-2012-1849

Untrusted search path vulnerability in Microsoft Lync 2010, 2010 Attendee, and 2010 Attendant allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .ocsmeet file, aka "Lync Insecure Library Loading...

ESA-2011-039: RSA(r), The Security Division of EMC, announces security fixes and improvements for RSASecurID(r) Software Token 4.1 for Microsoft(r)Windows(r)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-039: RSA®, The Security Division of EMC, announces security fixes and improvements for RSASecurID® Software Token 4.1 for Microsoft®Windows® Advisories Updated December 12, 2011 Summary: RSA, The Security Division of EMC, announces security...

Design/Logic Flaw

Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "PowerPoint Insecure Library Loading Vulnerability."...

Design/Logic Flaw

Untrusted search path vulnerability in the Microsoft Active Accessibility component in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in...

CVE-2011-2009

CVE-2011-2009 describes an Untrusted search path vulnerability in Windows Media Center that allows local users to gain privileges via a Trojan horse DLL loaded from the current working directory. Affected products: Windows Vista SP2, Windows 7 (Gold and SP1), and Windows Media Center TV Pack for ...

Input validation

Multiple untrusted search path vulnerabilities in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow local users to gain privileges via a Trojan horse DLL in the current working directory, as...

Design/Logic Flaw

Untrusted search path vulnerability in Microsoft Office 2003 SP3 and 2007 SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .doc, .ppt, or .xls file, aka "Office Component Insecure Library Loading...

CVE-2011-1980

Untrusted search path vulnerability in Microsoft Office 2003 SP3 and 2007 SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .doc, .ppt, or .xls file, aka "Office Component Insecure Library Loading...

Design/Logic Flaw

Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka "Remote Desktop Insecure...