Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:41 p.m.9 views

CVE-2023-25005

A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability...

7.8CVSS7AI score0.0022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:16 a.m.8 views

CVE-2019-19688

A privilege escalation vulnerability in Trend Micro HouseCall for Home Networks versions below 5.3.0.1063 could be exploited allowing an attacker to place a malicious DLL file into the application directory and elevate privileges...

7.8CVSS7.2AI score0.00559EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:50 a.m.18 views

CVE-2024-11454

A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and execute arbitrary code in the context of the current process due to an untrusted search patch being utilized...

7.8CVSS7.6AI score0.00196EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/23 12:0 a.m.19 views

CVE-2023-27908

A maliciously crafted DLL file can be forced to write beyond allocated boundaries in the Autodesk installer when parsing the DLL files and could lead to a Privilege Escalation vulnerability...

7.8AI score0.00225EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/02/24 6:26 p.m.9 views

CVE-2022-23104 WIN-911 2021 Incorrect Default Permissions

WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an attacker to locally write files to the program Operator Workspace directory, which holds DLL files and executables. A low-privilege attacker could write a malicious DLL file to the Operator Workspace directo...

5.6CVSS7.8AI score0.00208EPSS
Exploits0References2
Prion
Prion
added 2022/02/16 5:15 p.m.21 views

Path traversal

Adobe Creative Cloud Desktop version 2.7.0.13 and earlier is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must download a...

5.1CVSS6.9AI score0.02249EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/02/04 10:29 p.m.37 views

CVE-2020-12891

AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable...

7.6AI score0.00254EPSS
Exploits0References1
Prion
Prion
added 2022/01/26 3:15 p.m.18 views

Design/Logic Flaw

In ListCheck.exe in Acer Care Center 4.x before 4.00.3038, a vulnerability in the loading mechanism of Windows DLLs could allow a local attacker to perform a DLL hijacking attack. This vulnerability is due to incorrect handling of directory search paths at run time. An attacker could exploit this...

6.9CVSS7.7AI score0.00604EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2021/01/20 12:0 a.m.3 views

EV Live Assistant suffers from dll hijacking vulnerability

Ev Live Streaming Assistant is an unmanned live streaming software. EV Live Assistant suffers from a dll hijacking vulnerability. An attacker can exploit this vulnerability to load a fake malicious dll file and gain control of the server...

7.2AI score
Exploits0
NVD
NVD
added 2021/01/13 10:15 p.m.17 views

CVE-2021-1240

A vulnerability in the loading process of specific DLLs in Cisco Proximity Desktop for Windows could allow an authenticated, local attacker to load a malicious library. To exploit this vulnerability, the attacker must have valid credentials on the Windows system. This vulnerability is due to...

8.5CVSS6.2AI score0.00914EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/01/13 9:17 p.m.8 views

CVE-2021-1240 Cisco Proximity Desktop for Windows DLL Hijacking Vulnerability

A vulnerability in the loading process of specific DLLs in Cisco Proximity Desktop for Windows could allow an authenticated, local attacker to load a malicious library. To exploit this vulnerability, the attacker must have valid credentials on the Windows system. This vulnerability is due to...

4.8CVSS7.4AI score0.00914EPSS
Exploits0References1
Hacker One
Hacker One
added 2020/08/14 6:18 p.m.12 views

Acronis: TrueImage for Acronis True Image 2020 - Untrusted DLL Search-Ordering lead to Privilege Escalation as Administrative account

Vulnerability description not provided...

7.1AI score
Exploits0
Vulnrichment
Vulnrichment
added 2019/07/04 7:50 p.m.10 views

CVE-2019-1855 Cisco Jabber for Windows DLL Preloading Vulnerability

A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Jabber for Windows could allow an authenticated, local attacker to perform a DLL preloading attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The...

7.3CVSS7.4AI score0.02195EPSS
Exploits0References2
Prion
Prion
added 2017/11/16 7:29 a.m.13 views

Input validation

An untrusted search path aka DLL Preloading vulnerability in the Cisco Immunet antimalware installer could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes the installer in the current working directory wher...

7.2CVSS6.8AI score0.00536EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/08/14 4:29 p.m.13 views

CVE-2017-9646

An Uncontrolled Search Path Element issue was discovered in Solar Controls Heating Control Downloader HCDownloader Version 1.0.1.15 and prior. An uncontrolled search path element has been identified, which could allow an attacker to execute arbitrary code on a target system using a malicious DLL...

9.3CVSS7.8AI score0.01761EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2016/10/25 12:0 a.m.30 views

Adobe Reader 9.3.0 DLL Hijacking

===================================================== Adobe Reader 9.3.0 - DLL Hijacking ===================================================== Vendor Homepage: https://www.adobe.com/ Date: 24 Oct 2016 Version : 9.3.0 Author: Ashiyane Digital Security Team Contact: [email protected]...

0.4AI score
Exploits0
Rows per page
Query Builder