Lucene search
+L

63 matches found

susecve
susecve
added 2026/05/27 5:2 a.m.5 views

SUSE CVE-2022-32223

Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine: OpenSSL has been installed and “C:\Program Files\Common Files\SSL\openssl.cnf”...

7.3CVSS6.6AI score0.01732EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2026/04/15 12:0 a.m.11 views

PT-2026-33184

Yubico libfido2 before 1.17.0, python-fido2 before 2.2.0, and yubikey-manager before 5.9.1 have an unintended DLL search path...

2.9CVSS5.8AI score0.00131EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/04/01 5:3 p.m.6 views

CVE-2026-22561

Uncontrolled search path elements in Anthropic Claude for Windows installer Claude Setup.exe versions prior to 1.1.3363 allow local privilege escalation via DLL search-order hijacking. The installer loads DLLs e.g., profapi.dll from its own directory after UAC elevation, enabling arbitrary code...

7.8CVSS6.4AI score0.00177EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/02/19 12:0 a.m.9 views

FileFlows 安全漏洞

FileFlows is an open-source, self-hosted file processing system developed by FileFlows. Versions of FileFlows prior to 25.05.2 contained security vulnerabilities. These vulnerabilities stemmed from the SQL injection vulnerability in the library file search function, which could lead to privilege...

7.6CVSS5.9AI score0.0019EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/02/18 11:44 p.m.3 views

CVE-2025-15585

Fileflows versions before 25.05.2 are affected by an authenticated SQL injection vulnerability in the library-file search function. Successful exploitation requires the system to use MySQL as the underlying database and could result in privilege escalation or data exfiltration...

7.6CVSS5.8AI score0.0019EPSS
Exploits0References2
cvelist
cvelist
added 2026/02/18 11:44 p.m.33 views

CVE-2025-15585

Fileflows versions before 25.05.2 are affected by an authenticated SQL injection vulnerability in the library-file search function. Successful exploitation requires the system to use MySQL as the underlying database and could result in privilege escalation or data exfiltration...

7.6CVSS0.0019EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/12/01 12:0 a.m.6 views

PT-2025-48402

The installer of INZONE Hub 1.0.10.3 to 1.0.17.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer...

8.4CVSS7.9AI score0.00183EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2001-0895

Malware in sbrugna...

7.2CVSS6.4AI score0.00381EPSS
Exploits0References3
nvd
nvd
added 2025/10/06 6:15 a.m.5 views

CVE-2025-57781

The installers of DENSO TEN drive recorder viewer contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer...

8.4CVSS0.0015EPSS
Exploits0References2
cve
cve
added 2025/09/16 12:0 a.m.21 views

CVE-2025-30075

CVE-2025-30075 affects Alludo MindManager on Windows prior to 25.0.208. An attacker who can write DLL files to directories within the victim’s DLL search paths could achieve code execution as a local user. Root cause is DLL writing in search paths enabling arbitrary code execution under local pri...

2.2CVSS6.7AI score0.00127EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/09/16 12:0 a.m.5 views

MindManager Windows 安全漏洞

MindManager Windows is a mind mapping tool from the US-based MindManager Inc. A security vulnerability exists in MindManager Windows versions prior to 25.0.208, which stems from a vulnerability that allows an attacker to write a DLL file to the victim's DLL search path, potentially leading to cod...

2.2CVSS7.2AI score0.00127EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2023/03/09 12:0 a.m.9 views

The vulnerability of the StorSvc storage service in the Windows operating system allows a hacker to escalate their privileges.

The vulnerability of the StorSvc storage service in the Windows operating system arises due to deficiencies in the mechanism for searching dynamic libraries. Exploiting this vulnerability can allow an attacker to increase their privileges by introducing a DLL library during software installation...

8.8CVSS5.5AI score
Exploits0References2
bdu_fstec
bdu_fstec
added 2023/02/21 12:0 a.m.13 views

The vulnerability of Dell Container Storage Modules lies in their uncontrolled DLL search path, which allows an attacker to execute arbitrary code.

The vulnerability of the Dell Container Storage Modules relates to an uncontrolled DLL search process. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.8CVSS8AI score0.02095EPSS
Exploits0References3Affected Software1
susecve
susecve
added 2023/02/15 3:28 a.m.3 views

SUSE CVE-2022-22736

If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. However the install directory is not world-writable by default.This bug only affects Firefox for Windows in a non-default installation...

7CVSS8.4AI score0.00244EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2023/02/15 12:0 a.m.6 views

PT-2023-15288 · Unknown · Pandora Fms Console

Name of the Vulnerable Software and Affected Versions: Pandora FMS Console versions prior to v767 Description: The issue arises from a Reflected Cross Site Scripting vulnerability in the Search Functionality of the Module Library. This vulnerability is triggered by the forget password...

6.4CVSS6.3AI score0.00338EPSS
Exploits0References7
bdu_fstec
bdu_fstec
added 2023/01/13 12:0 a.m.8 views

The vulnerability of the Fortinet FortiClient for Windows installer and the FortiClient Enterprise Management Server (EMS) allows a perpetrator to execute arbitrary code.

The vulnerability of the Fortinet FortiClient for Windows installer and the FortiClient Enterprise Management Server EMS is related to an uncontrolled DLL search process. Exploiting this vulnerability allows a attacker to execute arbitrary code using a specially crafted DLL library...

7.8CVSS7.6AI score0.00243EPSS
Exploits0References4Affected Software2
bdu_fstec
bdu_fstec
added 2022/11/09 12:0 a.m.9 views

The vulnerability of the Client Server Run-Time Subsystem (CSRSS) in the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Client Server Run-Time Subsystem CSRSS in the Windows operating system is related to an uncontrolled DLL search process. Exploiting this vulnerability can allow a perpetrator to execute arbitrary code...

7.8CVSS7.6AI score0.09331EPSS
Exploits0References3
jvn
jvn
added 2022/03/30 5:0 a.m.5 views

AttacheCase may insecurely load Dynamic Link Libraries

Overview AttacheCase may insecurely load Dynamic Link Libraries. AttacheCase is an open source file encryption software provided by HiBARA Software. AttacheCase contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Taizoh Tsukamoto of...

7.8CVSS6.9AI score0.00362EPSS
Exploits0References8
attackerkb
attackerkb
added 2021/12/10 3:0 p.m.7 views

CVE-2021-4007

Rapid7 Insight Agent, versions 3.0.1 to 3.1.2.34, suffer from a local privilege escalation due to an uncontrolled DLL search path. Specifically, when Insight Agent versions 3.0.1 to 3.1.2.34 start, the Python interpreter attempts to load python3.dll at "C:\DLLs\python3.dll," which normally is...

7.8CVSS7.2AI score0.00319EPSS
Exploits0References3Affected Software1
bdu_fstec
bdu_fstec
added 2021/11/25 12:0 a.m.9 views

The vulnerability of the Adobe Creative Cloud Desktop Application’s graphic editor app relates to an insecure process for searching DLL libraries. This vulnerability allows attackers to escalate their privileges.

The vulnerability of the Adobe Creative Cloud Desktop Application’s graphic editor relates to a non-safe method of searching for DLL libraries. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...

9.3CVSS7.5AI score0.03279EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder