CVE-2026-2516

A vulnerability was identified in Unidocs ezPDF DRM Reader and ezPDF Reader 2.0/3.0.0.4. This affects an unknown part in the library SHFOLDER.dll. Such manipulation leads to uncontrolled search path. The attack needs to be performed locally. Attacks of this nature are highly complex. It is...

CVE-2026-2516

A vulnerability was identified in Unidocs ezPDF DRM Reader and ezPDF Reader 2.0/3.0.0.4. This affects an unknown part in the library SHFOLDER.dll. Such manipulation leads to uncontrolled search path. The attack needs to be performed locally. Attacks of this nature are highly complex. It is...

CVE-2026-2516

Unidocs ezPDF DRM Reader and ezPDF Reader 2.0/3.0.0.4 (32-bit) are affected by a vulnerability in SHFOLDER.dll causing an uncontrolled search path. The issue requires local access to exploit and is described as high impact (confidentiality, integrity, availability) with high exploit maturity (pro...

CVE-2023-4770

An uncontrolled search path element vulnerability has been found on 4D and 4D server Windows executables applications, affecting version 19 R8 100218. This vulnerability consists in a DLL hijacking by replacing x64 shfolder.dll in the installation path, causing an arbitrary code execution...

4D Windows Server Code Issue Vulnerability

4D Windows Server is a family of applications from 4D USA. A code issue vulnerability exists in 4D Windows Server that originates from a DLL hijacking that can lead to arbitrary code execution by replacing shfolder.dll in the installation path...

Synology Photo Station Uploader Arbitrary Code Execution Vulnerability

Synology Photo Station Uploader is a suite of applications that allow you to mass upload photos and videos to Photo Station. An arbitrary code execution vulnerability exists in the Synology Photo Station Uploader installer, which can be exploited by a local attacker to execute arbitrary code and...