EUVD-2022-49147

Malicious code in bioql PyPI...

CVE-2022-46330

Squirrel.Windows is both a toolset and a library that provides installation and update functionality for Windows desktop applications. Installers generated by Squirrel.Windows 2.0.1 and earlier contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries...

PT-2023-14972 · Unknown · Squirrel.Windows

Name of the Vulnerable Software and Affected Versions: Squirrel.Windows affected versions not specified Description: The issue concerns a DLL hijacking problem. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue...

Arbitrary Code Execution

squirrel.windows is vulnerable to arbitrary code execution. The vulnerability exists because the MitigateDllHijacking function of winmain.cpp insecurely loads the dynamic link libraries dll, allowing an attacker to inject and execute malicious code...

CVE-2022-46330

Squirrel.Windows is both a toolset and a library that provides installation and update functionality for Windows desktop applications. Installers generated by Squirrel.Windows 2.0.1 and earlier contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries...

CVE-2022-46330

Squirrel.Windows is both a toolset and a library that provides installation and update functionality for Windows desktop applications. Installers generated by Squirrel.Windows 2.0.1 and earlier contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries...

CVE-2022-46330

CVE-2022-46330 (Squirrel.Windows) affects installers generated by Squirrel.Windows 2.0.1 and earlier. The root cause is an issue in the DLL search path that can cause insecure loading of Dynamic Link Libraries, enabling arbitrary code execution with the invoking user’s privileges. Public document...

JVN#29902403: Installers generated by Squirrel.Windows may insecurely load Dynamic Link Libraries

Squirrel.Windows is both a toolset and a library that provides installation and update functionality for Windows desktop applications. Installers generated by Squirrel.Windows contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact...

CVE-2022-46330

Squirrel.Windows is both a toolset and a library that provides installation and update functionality for Windows desktop applications. Installers generated by Squirrel.Windows 2.0.1 and earlier contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries...

8x8: DLL Search-Order Hijacking Vulnerability in work-64-exe-v7.16.3-1.exe

@is- reported to us a DLL Search-Order Hijacking vulnerability in work-64-exe-v7.16.3-1.exe. Reference: https://attack.mitre.org/techniques/T1574/001/ The underlying issue was found in an older version of Squirrel.Windows. Issue Reference: https://github.com/Squirrel/Squirrel.Windows/issues/1801...