14 matches found
CVE-2026-11967 Arbitrary code execution in MobaXterm Personal Edition (Portable)
MobaXterm Personal Edition Portable, in its 26.3 version Build 5154, allows arbitrary code execution by loading a malicious DLL located in the same directory as the portable executable. Because the application automatically loads the winspool.drv library from that location during startup, an...
CVE-2025-34423
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIAU.DLL from its installation directory without sufficient integrity validation or a secure search order. A...
Notepad++ Plugin Persistence
This module create persistence by adding a malicious plugin to Notepad++, as it blindly loads and executes DLL from its plugin directory on startup, meaning that the payload will be executed every time Notepad++ is launched. Module Options msf use...
EUVD-2024-54374
Malicious code in bioql PyPI...
CVE-2024-11859
DLL Search Order Hijacking vulnerability potentially allowed an attacker with administrator privileges to load a malicious dynamic-link library and execute its code...
CVE-2024-45207
DLL injection in Veeam Agent for Windows can occur if the system's PATH variable includes insecure locations. When the agent runs, it searches these directories for necessary DLLs. If an attacker places a malicious DLL in one of these directories, the Veeam Agent might load it inadvertently,...
Vulnerability fixed in Flexera Software FlexNet Publisher
Flexera Software has fixed a vulnerability in FlexNet Publisher. A local malicious person could exploit the vulnerability to grant itself elevated privileges and execute code with elevated privileges. To exploit the vulnerability, a malicious party must load a specially prepared SSL configuration...
CVE-2023-27908
A maliciously crafted DLL file can be forced to write beyond allocated boundaries in the Autodesk installer when parsing the DLL files and could lead to a Privilege Escalation vulnerability...
F5 BIG-IP Edge Gateway代码问题漏洞
F5 BIG-IP Edge Gateway is a remote access solution from F5 USA. An elevation of privilege vulnerability exists in F5 BIG-IP Edge Gateway, which stems from a faulty program call to an advanced native procedure, where a non-privileged user uses a malicious DLL to elevate power on a client Windows...
CVE-2019-10971
The application Network Configurator for DeviceNet Safety 3.41 and prior searches for resources by means of an untrusted search path that could execute a malicious .dll file not under the application's direct control and outside the intended directories...
Fortinet FortiClient Code Execution Vulnerability
Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. A security vulnerability exists in Fortinet FortiClient...
Cisco FindIT Network Discovery Utility Local Arbitrary Code Execution Vulnerability
Cisco FindIT Network Discovery Utility is a network device manager from Cisco USA. The product provides management functions for Cisco network devices. A local arbitrary code execution vulnerability exists in Cisco FindIT Network Discovery Utility that originates when the program loads a maliciou...
Installer of CASL II simulator untrustworthy search path vulnerability
CASL II simulator is a CASL II an assembly language simulator from Information Technology Promotion Agency ITPA, Japan.Installer is one of the installation programs. An untrusted search path vulnerability exists in the Installer of CASL II simulator. The vulnerability can be exploited by an...
Simeji for Windows Installer Untrusted Search Path Vulnerability
Simeji for Windows is a suite of Windows-based Japanese input method applications. An untrusted search path vulnerability exists in the installer simeji.exe in Simeji for Windows. The vulnerability can be exploited to gain privileges through a malicious DLL file in a directory...