13 matches found
EUVD-2021-13594
Malware in sbrugna...
EUVD-2017-3656
Malware in sbrugna...
CVE-2024-13946
DLL's are not digitally signed when loaded in ASPECT's configuration toolset exposing the application to binary planting during device commissioning.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13946 Binary Planting / LoadLibrary DLL's not Signed
DLL's are not digitally signed when loaded in ASPECT's configuration toolset exposing the application to binary planting during device commissioning.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2022-47632
Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path, improper privilege management, and improper certificate validation. Attackers can place malicious DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed a...
CVE-2022-47632
Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path, improper privilege management, and improper certificate validation. Attackers can place malicious DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed a...
CVE-2021-31847 Improper privilege management in repair process of MA for Windows
Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as the system user,...
CVE-2021-31840 DLL preload vulnerability in McAfee Agent for Windows
A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows prior to 5.7.3 could allow an authenticated, local attacker to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need to have valid...
CVE-2021-26807
GalaxyClient version 2.0.28.9 loads unsigned DLLs such as zlib1.dll, libgccsdw2-1.dll and libwinpthread-1.dll from PATH, which allows an attacker to potentially run code locally through unsigned DLL loading...
CVE-2020-8324
A vulnerability was reported in LenovoAppScenarioPluginSystem for Lenovo System Interface Foundation prior to version 1.2.184.31 that could allow unsigned DLL files to be executed...
CVE-2019-5701
NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature also known as a binary planting or DLL preloading attack,...
CVE-2017-12070
Unsigned versions of the DLLs distributed by the OPC Foundation may be replaced with malicious code...
Microsoft Blocks Unsigned DLLs in Edge with Update
The security community rejoiced when Microsoft announced earlier this year that it would strip maligned extensions such as ActiveX and VB Script – often bullied in attacks – from its new Edge browser. Now the company claims a recent update to the browser prevents the loading of unsigned DLLs...