CWE-427: CWE-427

Total CVEs: 398
Critical: 7
High: 283
Avg CVSS: 7.5

Yearly Trend

2026: 36
2025: 151
2024: 88
2023: 45
2022: 26

Top Affected Vendors

1 Intel 37
2 Acronis 12
3 Dell 11
4 Mailenable 10
5 Microsoft 8
6 Adobe 8
7 Lenovo 8
8 Siemens 7
9 Trendmicro 6
10 Nvidia 6

All CWE-427 CVEs (398)

CVE-2024-10930
7.8

This vulnerability allows attackers to perform DLL hijacking by placing a malicious DLL in a location searched by the affected software before legitim...

Mar 4, 2025
CVE-2024-48091
7.8

Tally Prime Edit Log v2.1 contains a DLL hijacking vulnerability in TextShaping.dll that allows attackers to execute arbitrary code by placing a malic...

Feb 7, 2025
CVE-2024-53588
7.8

A DLL hijacking vulnerability in iTop VPN v16.0 allows attackers to execute arbitrary code with the privileges of the VPN application by placing a mal...

Jan 23, 2025
CVE-2025-21127
7.8

This CVE describes an uncontrolled search path element vulnerability in Adobe Photoshop Desktop that could allow arbitrary code execution. Attackers c...

Jan 14, 2025
CVE-2025-0069
7.8

This CVE describes a DLL injection vulnerability in SAPSetup that allows attackers with local Windows user privileges to escalate privileges. This ena...

Jan 14, 2025
CVE-2024-55543
7.8

This CVE describes a local privilege escalation vulnerability in Acronis Cyber Protect 16 for Windows due to DLL hijacking. Attackers with local acces...

Jan 2, 2025
CVE-2024-55540
7.8

This CVE describes a local privilege escalation vulnerability in Acronis Cyber Protect 16 for Windows due to DLL hijacking. Attackers with local acces...

Jan 2, 2025
CVE-2022-27595
7.8

CVE-2022-27595 is an insecure library loading vulnerability in QVPN Device Client that allows local attackers with user access to execute arbitrary co...

Dec 19, 2024
CVE-2024-9852
7.8

This vulnerability allows a local authenticated attacker to execute malicious code by placing a specially crafted DLL in a specific folder. It affects...

Nov 28, 2024
CVE-2024-8299
7.8

This CVE describes a DLL hijacking vulnerability in Mitsubishi Electric's GENESIS64, ICONICS Suite, and related industrial control software. A local a...

Nov 28, 2024
CVE-2024-48990
7.8

CVE-2024-48990 is a local privilege escalation vulnerability in needrestart versions before 3.8. Attackers can exploit it by manipulating the PYTHONPA...

Nov 19, 2024
CVE-2024-48992
7.8

CVE-2024-48992 is a local privilege escalation vulnerability in needrestart versions before 3.8. Attackers with local access can trick needrestart int...

Nov 19, 2024
CVE-2024-48605
7.8

This vulnerability allows a local attacker to execute arbitrary code on systems running Helakuru Desktop Application v1.1 by exploiting DLL hijacking ...

Oct 22, 2024
CVE-2024-10093
7.8

This vulnerability allows local attackers to execute arbitrary code through DLL hijacking in VSO ConvertXtoDvd. Attackers can place a malicious avcode...

Oct 17, 2024
CVE-2024-4131
7.8

A DLL hijack vulnerability in Lenovo Emulator allows local attackers to execute arbitrary code with elevated privileges by placing a malicious DLL in ...

Oct 11, 2024
CVE-2024-4089
7.8

A DLL hijack vulnerability in Lenovo Super File allows local attackers to execute arbitrary code with elevated privileges by placing a malicious DLL i...

Oct 11, 2024
CVE-2024-33582
7.8

A DLL hijack vulnerability in Lenovo Service Framework allows local attackers to execute arbitrary code with elevated privileges by placing a maliciou...

Oct 11, 2024
CVE-2024-33578
7.8

A DLL hijack vulnerability in Lenovo Leyun allows local attackers to execute arbitrary code with elevated privileges by placing a malicious DLL in a l...

Oct 11, 2024
CVE-2024-33580
7.8

A DLL hijack vulnerability in Lenovo Personal Cloud allows a local attacker to execute arbitrary code with elevated privileges by placing a malicious ...

Oct 11, 2024
CVE-2024-6510
7.8

CVE-2024-6510 is a local privilege escalation vulnerability in AVG Internet Security v24 on Windows. It allows an unprivileged local user to gain SYST...

Sep 12, 2024
CVE-2024-7326
7.8

This vulnerability in IObit DualSafe Password Manager 1.4.0.3 allows DLL side-loading attacks via the RTL120.BPL library. Attackers can execute arbitr...

Jul 31, 2024
CVE-2024-7325
7.8

This vulnerability in IObit Driver Booster 11.0.0.0 allows local attackers to exploit an uncontrolled search path issue in the VCL120.BPL library comp...

Jul 31, 2024
CVE-2024-7324
7.8

This vulnerability in IObit iTop Data Recovery Pro 4.4.0.687 allows local attackers to execute arbitrary code via DLL hijacking in the madbasic_.bpl l...

Jul 31, 2024
CVE-2024-5509
7.8

This vulnerability allows remote attackers to execute arbitrary code on Luxion KeyShot installations by tricking users into opening malicious BIP file...

Jun 6, 2024
CVE-2024-5292
7.8

This vulnerability allows local attackers to escalate privileges on systems running D-Link Network Assistant. Attackers with low-privileged access can...

May 23, 2024
CVE-2023-44437
7.8

This vulnerability allows remote attackers to execute arbitrary code on Ashlar-Vellum Cobalt installations by tricking users into opening malicious fi...

May 3, 2024
CVE-2023-27362
7.8

This vulnerability allows local attackers to escalate privileges on 3CX installations by exploiting an insecure OpenSSL configuration file location. A...

May 3, 2024
CVE-2024-28099
7.8

This vulnerability in VT STUDIO allows attackers to execute arbitrary code by exploiting insecure DLL loading. It affects users of VT STUDIO version 8...

Apr 15, 2024
CVE-2024-29734
7.8

This vulnerability allows attackers to execute arbitrary code by exploiting an uncontrolled DLL search path in SonicDICOM Media Viewer. Attackers can ...

Apr 3, 2024
CVE-2024-28131
7.8

EasyRange Ver 1.41 has a path search order vulnerability where it may execute malicious files from the same folder as extracted files instead of legit...

Mar 26, 2024
CVE-2023-42920
7.8

This CVE describes a dylib hijacking vulnerability in FileMaker Pro and Claris Pro applications on macOS. Attackers can place malicious dynamic librar...

Mar 19, 2024
CVE-2024-1595
7.8

Delta Electronics CNCSoft-B DOPSoft versions before 4.0.0.82 insecurely load dynamic link libraries (DLLs), allowing attackers to perform DLL hijackin...

Feb 29, 2024
CVE-2024-23940
7.8

This vulnerability allows attackers to hijack DLL files used by Trend Micro's uiAirSupport component, enabling them to execute arbitrary code with ele...

Jan 29, 2024
CVE-2023-29445
7.8

This CVE describes a DLL hijacking vulnerability in PTC's Kepware KEPServerEX software that allows a locally authenticated attacker to escalate privil...

Jan 10, 2024
CVE-2023-48677
7.8

This CVE describes a DLL hijacking vulnerability in Acronis Cyber Protect products for Windows that allows local attackers to escalate privileges. Att...

Dec 12, 2023
CVE-2023-41613
7.8

EzViz Studio v2.2.0 is vulnerable to DLL hijacking, allowing attackers to execute arbitrary code by placing malicious DLL files in directories where t...

Dec 4, 2023
CVE-2023-45252
7.8

A DLL hijacking vulnerability in HuddlyCameraService allows attackers to place malicious DLLs in the service directory, which standard users can write...

Dec 1, 2023
CVE-2023-47452
7.8

This CVE describes an untrusted search path vulnerability in Notepad++ 6.5 that allows local users to escalate privileges by placing a malicious msimg...

Nov 30, 2023
CVE-2023-47454
7.8

This CVE describes an untrusted search path vulnerability in NetEase CloudMusic for Windows that allows local users to escalate privileges by placing ...

Nov 30, 2023
CVE-2023-29069
7.8

This vulnerability allows attackers to place malicious DLL files in non-default locations, which can then be loaded by affected Autodesk software with...

Nov 22, 2023
CVE-2023-46814
7.8

A binary hijacking vulnerability in VLC media player's uninstaller on Windows allows standard users to execute arbitrary code with SYSTEM privileges. ...

Nov 22, 2023
CVE-2023-6235
7.8

This vulnerability allows attackers to execute arbitrary code on systems running Duet Display version 2.5.9.1 by placing a malicious DLL in a specific...

Nov 21, 2023
CVE-2023-4632
7.8

This vulnerability in Lenovo System Update allows attackers with local access to execute arbitrary code with elevated privileges by exploiting an unco...

Nov 8, 2023
CVE-2023-5463
7.8

This is a critical local privilege escalation vulnerability in XINJE XDPPro software up to version 3.7.17a. It allows attackers with local access to e...

Oct 9, 2023
CVE-2022-4956
7.8

CVE-2022-4956 is a critical local privilege escalation vulnerability in Caphyon Advanced Installer 19.7 that allows attackers to execute arbitrary cod...

Sep 30, 2023
CVE-2023-3078
7.8

This vulnerability in Lenovo Universal Device Client allows attackers with local access to execute arbitrary code with elevated privileges by exploiti...

Aug 17, 2023
CVE-2022-47636
7.8

This CVE describes a DLL hijacking vulnerability in OutSystems Service Studio 11. When users open .oml files, the application loads specific DLLs from...

Aug 10, 2023
CVE-2023-36344
7.8

This vulnerability allows a local attacker to execute arbitrary code on Diebold Nixdorf Vynamic View Console systems via DLL hijacking. Attackers can ...

Aug 8, 2023
CVE-2021-41544
7.8

A DLL hijacking vulnerability in Siemens Software Center allows local attackers to execute arbitrary code with elevated privileges by placing a malici...

Aug 8, 2023
CVE-2023-27908
7.8

This vulnerability allows privilege escalation through a DLL hijacking attack in Autodesk installers. An attacker could execute arbitrary code with el...

Jun 23, 2023

About CWE-427 (CWE-427)

Our database tracks 398 CVEs classified as CWE-427, with 7 rated critical and 283 rated high severity. The average CVSS score for CWE-427 vulnerabilities is 7.5.

External reference: View CWE-427 on MITRE CWE →
