835 matches found
Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability
Microsoft Visual Basic for Applications VBA contains an insecure library loading vulnerability that could allow for remote code execution...
CVE-2026-5055 NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to...
NoMachine 代码问题漏洞
NoMachine is a remote desktop access tool developed by NoMachine Company in Luxembourg. NoMachine has code vulnerabilities that stem from loading libraries from insecure locations, which may lead to local privilege escalation...
CVE-2026-40031
MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking across six attack surfaces, including bare-name LoadLibraryU and dlopen calls without path qualification for vmmpyc, libMSCompression, and plugin DLLs. An attacker who places a...
CVE-2026-40031
MemProcFS 处理在版本 5.17 之前存在多处不安全的库加载模式,导致跨六个攻击面发生 DLL/共享库劫持。攻击者若在工作目录中放置恶意 DLL/共享库,或操控 LD_LIBRARY_PATH,便可在 MemProcFS 加载时实现任意代码执行。根本原因是对加载库的路径未进行严格限定,利用 bare-name LoadLibraryU/dlopen 未带路径的调用进行加载。影响面涉及本地攻击向量、可用性和完整性及机密性均可能被高影响波及。若存在利用,文档未给出具体利用细节。建议升级至 5.17 及以上版本以修复该加载模式问题;如不能立即升级,可结合路径限定、工作目录隔离及库加载 ...
CVE-2026-3775
The application's update service, when checking for updates, loads certain system libraries from a search path that includes directories writable by low‑privileged users and is not strictly restricted to trusted system locations. Because these libraries may be resolved and loaded from user‑writab...
EUVD-2026-17751
The application's update service, when checking for updates, loads certain system libraries from a search path that includes directories writable by low‑privileged users and is not strictly restricted to trusted system locations. Because these libraries may be resolved and loaded from user‑writab...
CVE-2026-3775
The application's update service, when checking for updates, loads certain system libraries from a search path that includes directories writable by low‑privileged users and is not strictly restricted to trusted system locations. Because these libraries may be resolved and loaded from user‑writab...
CVE-2026-3775
The application's update service, when checking for updates, loads certain system libraries from a search path that includes directories writable by low‑privileged users and is not strictly restricted to trusted system locations. Because these libraries may be resolved and loaded from user‑writab...
CVE-2026-28760
The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs. If a user is directed to place a crafted DLL with the installer, an arbitrary code may be executed with the administrator privilege...
PT-2026-28221
The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs. If a user is directed to place a crafted DLL with the installer, an arbitrary code may be executed with the administrator privilege...
EUVD-2026-10453
SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a malicious DLL within one of these directories. The malicious command is executed in the victim user's...
CVE-2026-24317
SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a malicious DLL within one of these directories. The malicious command is executed in the victim user's...
Installer for Qsee Client may insecurely load Dynamic Link Libraries
Overview The installer for Qsee Client provided by Qsee contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2026-30896 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. report...
CVE-2026-30896
The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries DLLs. When a user is directed to place some malicious DLL to the same directory and execute the affected installer, then arbitrary code may be executed with the administrative privilege...
Qsee Client 代码问题漏洞
Qsee Client is a video surveillance management software developed by the American company Qsee. Versions of Qsee Client 1.0.1 and earlier contained code vulnerabilities. These vulnerabilities stemmed from the installer’s insecure loading of dynamic link libraries, which could allow arbitrary code...
CVE-2026-2040
PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of PDF-XChange Editor. An attacker must first obtain the ability to execute low-privileged code on...
CVE-2026-26050
The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver.1.3.7 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges...
PT-2026-7817
The installer of M-Track Duo HD version 1.0.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrator privileges...
EUVD-2025-206345
Crucial Storage Executive installer versions prior to 11.08.082025.00 contain a DLL preloading vulnerability. During installation, the installer runs with elevated privileges and loads Windows DLLs using an uncontrolled search path, which can cause a malicious DLL placed alongside the installer t...