21 matches found
EUVD-2018-18270
Malware in sbrugna...
EUVD-2017-3887
Malware in sbrugna...
EUVD-2021-18715
Malware in sbrugna...
CVE-2019-5701
NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature also known as a binary planting or DLL preloading attack,...
Security Bulletin: Multiple security vulnerabilities in the IBM InfoSphere Information Server Suite.
Abstract Security Bulletin: Multiple security vulnerabilities in the IBM InfoSphere Information Server Suite. Content SUMMARY: Security vulnerabilities exist in various versions of IBM Information Server or constituent products. Note: The same fix may be listed under multiple vulnerabilities...
CVE-2021-31847 Improper privilege management in repair process of MA for Windows
Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as the system user,...
McAfee Agent Code Issue Vulnerability (CNVD-2021-49069)
The McAfee McAfee Agent MA is a set of client components from McAfee, Inc. that provides secure communications between ePolicy Orchestrator the antivirus management platform and managed products. A security vulnerability exists in McAfee Agent in versions prior to 5.7.3. The vulnerability stems...
Vulnerabilities fixed in McAfee Agent for Windows
Vulnerabilities have been fixed in McAfee Agent for Windows. A malicious party could potentially exploit the vulnerability with CVE attribute CVE-2021-31840 potentially exploit it to execute arbitrary code with elevated privileges via a "DLL preloading" attack. The vulnerability with CVE attribut...
CVE-2021-31840
A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows prior to 5.7.3 could allow an authenticated, local attacker to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need to have valid...
CVE-2021-31840
A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows prior to 5.7.3 could allow an authenticated, local attacker to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need to have valid...
CVE-2021-31840 DLL preload vulnerability in McAfee Agent for Windows
A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows prior to 5.7.3 could allow an authenticated, local attacker to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need to have valid...
McAfee Agent代码问题漏洞
The McAfee McAfee Agent MA is a set of client components from McAfee, Inc. that provides secure communications between ePolicy Orchestrator the antivirus management platform and managed products. A security vulnerability exists in McAfee Agent in versions prior to 5.7.3. The vulnerability stems...
Monero: Misconfiguration in build environment allows DLL preloading attack
Summary: monero-wallet-gui.exe tries to dynamically load some dynamic link librariesDLL which are not present in the applications directory, so LoadLibraryA system-call will search other directories such as Windows root and %PATH% for them. An attacker can gain arbitrary code execution if he/she...
Design/Logic Flaw
NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature also known as a binary planting or DLL preloading attack,...
CVE-2019-5694
CVE-2019-5694 affects NVIDIA Windows GPU Display Driver via the NVIDIA Control Panel loading Windows DLLs without path/signature validation (binary planting). Local attacker access required; impact includes denial of service or information disclosure with potential for code execution. From the pr...
Security Bulletin: NVIDIA GeForce Experience - November 2019
NVIDIA has released a software security update for NVIDIA® GeForce Experience™. This update addresses issues that may lead to code execution, information disclosure, or denial of service. To protect your system, download and install this software update through the GeForce Experience Downloads...
Design/Logic Flaw
NVIDIA Windows GPU Display driver software for Windows all versions contains a vulnerability in which it incorrectly loads Windows system DLLs without validating the path or signature also known as a binary planting or DLL preloading attack, leading to escalation of privileges through code...
Nvidia Warns Windows Gamers on GPU Driver Flaws
Graphics chipmaker Nvidia has issued three patches for high-severity vulnerabilities in its GPU display driver, which could lead to information disclosure, escalation of privileges and denial of service DoS in impacted Windows gaming devices. Nvidia’s graphics driver for Windows is used in device...
CVE-2017-12314
A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to the device availability, confidentiality, and integrity, aka Insecure Library Loading. The vulnerability is due to...
CVE-2017-12314
Cisco FindIT Network Discovery Utility is affected by a DLL preloading vulnerability. An authenticated, local attacker could place a malicious DLL in the host’s search path, causing the utility to load the attacker’s DLL and partially compromise confidentiality, integrity, and availability on the...