Roslyn CodeLens MCP Server 安全漏洞

Roslyn CodeLens MCP Server is a Roslyn-based .NET code library tool for deep semantic analysis, developed by Marcel Roozekrans. Versions of Roslyn CodeLens MCP Server from 0.0.9 to 1.17.0 contain security vulnerabilities. These vulnerabilities stem from the getdiagnostics tool, which loads and...

Synology Presto Client 代码问题漏洞

Synology Presto Client is a high-speed transfer tool developed by the Chinese company Synology. Versions of Synology Presto Client prior to 2.1.3-0672 contained a code vulnerability. This vulnerability stemmed from uncontrolled search path elements during the installation process, which could all...

CVE-2026-25656

A vulnerability has been identified in SINEC NMS All versions V4.0 SP3, User Management Component UMC All versions V2.15.2.1. The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially...

PT-2026-7258

Name of the Vulnerable Software and Affected Versions SINEC NMS versions prior to 4.0 SP2 Description The application allows unauthorized modification of a configuration file by a user with limited privileges. This could enable an attacker to load malicious DLLs, potentially resulting in arbitrar...

PT-2026-7259

Name of the Vulnerable Software and Affected Versions SINEC NMS versions prior to 2.15.2.1 User Management Component UMC versions prior to 2.15.2.1 Description The application allows unauthorized modification of a configuration file by a user with limited privileges. This could enable an attacker...

EUVD-2020-3960

Malware in sbrugna...

EUVD-2020-27801

Malware in sbrugna...

EUVD-2006-1225

Malware in sbrugna...

EUVD-2020-28213

Malware in sbrugna...

EUVD-2022-32028

Malicious code in bioql PyPI...

CVE-2025-10198 LizardBytes Sunshine for Windows contains a DLL search-order hijacking vulnerability

Sunshine for Windows, version v2025.122.141614, contains a DLL search-order hijacking vulnerability, allowing attackers to insert a malicious DLL in user-writeable PATH directories...

Linux Distros Unpatched Vulnerability : CVE-2017-6903

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ioquake3 before 2017-03-14, the auto-downloading feature has insufficient content restrictions. This also affects Quake III Arena, OpenArena, OpenJK, iortcw,...

CVE-2025-6241 CVE-2025-6241

LsiAgent.exe, a component of SysTrack from Lakeside Software, attempts to load several DLL files which are not present in the default installation. If a user-writable directory is present in the SYSTEM PATH environment variable, the user can write a malicious DLL to that directory with arbitrary...

CVE-2025-2630

There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path. This vulnerability affects NI...

PT-2024-9411 · Veritas · Veritas Netbackup

Name of the Vulnerable Software and Affected Versions: Veritas NetBackup versions prior to 10.5 Description: The issue is related to an uncontrolled search path element in Veritas NetBackup, which can be exploited to elevate privileges and execute arbitrary commands by loading malicious DLL...

Chimera - Automated DLL Sideloading Tool With EDR Evasion Capabilities

While DLL sideloading can be used for legitimate purposes, such as loading necessary libraries for a program to function, it can also be used for malicious purposes. Attackers can use DLL sideloading to execute arbitrary code on a target system, often by exploiting vulnerabilities in legitimate...

CVE-2022-47632

Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path, improper privilege management, and improper certificate validation. Attackers can place malicious DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed a...

CVE-2022-36415

A DLL hijacking vulnerability exists in the uninstaller in Scooter Beyond Compare 1.8a through 4.4.2 before 4.4.3 when installed via the EXE installer. The uninstaller attempts to load DLLs out of a Windows Temp folder. If a standard user places malicious DLLs in the C:\Windows\Temp\ folder, and...

Spoofing

A DLL hijacking vulnerability exists in the uninstaller in Scooter Beyond Compare 1.8a through 4.4.2 before 4.4.3 when installed via the EXE installer. The uninstaller attempts to load DLLs out of a Windows Temp folder. If a standard user places malicious DLLs in the C:\Windows\Temp\ folder, and...

Nodejs Dll hijacking vulnerability

Node.js is an open source and cross-platform JavaScript runtime environment. nodejs suffers from a Dll hijacking vulnerability, which can be exploited by attackers to inject malicious dlls into nodejs and execute code within Nodejs...