CWE-427: CWE-427

This vulnerability in Autodesk InfraWorks allows attackers to craft malicious DLL files that cause the software to read beyond allocated memory bounda...

This DLL hijacking vulnerability in Soft-o Free Password Manager allows attackers to place malicious DLL files in directories where the application se...

The CyberGhostVPN Windows client before version 8.3.10.10015 contains a DLL injection vulnerability in Dashboard.exe that allows attackers to execute ...

This CVE describes a DLL hijacking vulnerability in Acronis Snap Deploy for Windows that allows local attackers to escalate privileges. Attackers can ...

This vulnerability allows remote attackers to execute arbitrary code on AVEVA Edge 2020 installations by tricking users into opening malicious APP fil...

This vulnerability allows local users on Linux systems to escalate privileges by placing a malicious libgcc_s.so.1 library in a directory where ONLYOF...

CVE-2021-31637 is a DLL hijacking vulnerability in UwAmp web server software that allows remote attackers to execute arbitrary code by placing a malic...

CVE-2022-32972 is a DLL injection vulnerability in Infoblox BloxOne Endpoint for Windows that allows local attackers to execute arbitrary code with el...

CVE-2022-48077 is a DLL hijacking vulnerability in Genymotion Desktop that allows attackers to escalate privileges and execute arbitrary code by placi...

A DLL hijacking vulnerability in Scooter Beyond Compare's uninstaller allows local attackers to execute arbitrary code with SYSTEM privileges. When th...

This vulnerability allows local attackers with low-privileged code execution on affected Parallels Access Agent installations to escalate privileges t...

Dell SupportAssist contains a privilege escalation vulnerability where non-admin users can gain admin access to the system. This affects both Consumer...

This vulnerability in Trend Micro Password Manager installer versions 3.7.0.1223 and below allows attackers to execute arbitrary code by placing malic...

This CVE describes a DLL hijacking vulnerability in Acronis Snap Deploy for Windows that allows local attackers to escalate privileges. Attackers can ...

CVE-2021-20051 is a DLL search order hijacking vulnerability in SonicWall Global VPN Client installer versions 4.10.7.1117 and earlier. A local attack...

This vulnerability allows attackers to perform DLL hijacking when the Git for Windows uninstaller runs under the SYSTEM user account. Attackers could ...

Delta Electronics DIAEnergie versions prior to 1.8.02.004 are vulnerable to DLL hijacking combined with incorrect default permissions. This allows loc...

This vulnerability allows attackers to execute arbitrary code with elevated privileges by placing a malicious DLL in a directory that AttacheCase sear...

This vulnerability in WPS Office installer allows attackers to execute arbitrary code by exploiting insecure DLL loading. It affects users running WPS...

This vulnerability in Trend Micro Password Manager installer allows attackers to place malicious DLL files in specific directories, which the installe...

This CVE describes a DLL hijacking vulnerability in Atlassian Confluence Server and Data Center installers on Windows. Authenticated local attackers c...

CVE-2022-23410 is a DLL hijacking vulnerability in AXIS IP Utility that allows attackers to execute arbitrary code with elevated privileges. It affect...

This vulnerability allows arbitrary code execution when KDE Kate or KTextEditor opens a file from an untrusted directory. If the required LSP server b...

CVE-2022-0483 is a local privilege escalation vulnerability in Acronis VSS Doctor for Windows caused by insecure folder permissions. This allows authe...

This vulnerability in Intel GPA software allows authenticated local users to escalate privileges by manipulating the software's search path. It affect...

This vulnerability allows an unprivileged user to perform DLL hijacking by placing a malicious DLL in a directory listed in the system's PATH environm...

This CVE describes a local privilege escalation vulnerability in McAfee Agent where a low-privileged user can create malicious directories and files t...

CVE-2021-43037 is a privilege escalation vulnerability in Kaseya Unitrends Backup Appliance Windows agent due to insecure default permissions that all...

This CVE describes a DLL hijacking vulnerability in Acronis Cyber Protect 15 for Windows that allows local attackers to escalate privileges by placing...

This vulnerability in Intel PROSet/Wireless WiFi software for Windows 10 allows authenticated local users to escalate privileges by exploiting an unco...

This vulnerability allows local users to execute arbitrary code with elevated privileges by placing a malicious DLL in a folder that McAfee Drive Encr...

Delta Electronics DIALink versions 1.2.4.0 and earlier have a DLL hijacking vulnerability due to insecure library loading. This allows attackers to ex...

Delta Electronics DIALink versions 1.2.4.0 and earlier have insecure default permissions that grant excessive privileges to low-privileged user accoun...

This vulnerability allows attackers to perform path interception attacks on Windows systems by planting a malicious reg.exe binary that gets executed ...

This vulnerability allows attackers to escalate privileges by exploiting the MSI installer repair function in Checkpoint Harmony Browse and SandBlast ...

This vulnerability allows a local attacker with low-privileged code execution to escalate privileges on Trend Micro Apex One installations. It affects...

CVE-2021-36216 is a DLL injection vulnerability in LINE for Windows that allows attackers to execute arbitrary code by placing malicious DLL files in ...

This CVE describes an untrusted search path vulnerability in Sony Audio USB Driver and HAP Music Transfer installers. Attackers can place malicious DL...

CVE-2021-28595 is an uncontrolled search path vulnerability in Adobe Dimension that allows arbitrary code execution when a user opens a malicious file...

This vulnerability allows a locally authenticated low-privileged user to load arbitrary DLLs through Dell SupportAssist, leading to privilege escalati...

This vulnerability in NVIDIA GPU Display Driver for Windows allows attackers to execute arbitrary code, cause denial of service, disclose information,...

This CVE describes a DLL search path vulnerability in Lenovo PCManager that could allow local attackers to escalate privileges by placing a malicious ...

CVE-2021-36753 is a path traversal vulnerability in sharkdp's BAT syntax highlighter where the application executes less.exe from the current working ...

This CVE describes a local privilege escalation vulnerability in Palo Alto Networks Cortex XDR agent on Windows. An authenticated local user with file...

CVE-2021-22000 is a DLL hijacking vulnerability in VMware ThinApp that allows attackers with local non-administrative access to execute arbitrary code...

This vulnerability in dandavison delta on Windows allows path traversal attacks by resolving executable paths relative to the current directory instea...

CVE-2021-3613 is a local privilege escalation vulnerability in OpenVPN Connect for Windows that allows local users to load arbitrary dynamic libraries...

This vulnerability allows Thunderbird to load a malicious shared library instead of the legitimate OTR protocol library due to an incorrect filename s...

This vulnerability in TeamViewer for Windows allows attackers to execute arbitrary code by placing malicious DLL files in specific directories that th...

This CVE describes a DLL hijacking vulnerability in cachecleaner.dll within the BIG-IP Edge Client Windows Installer. Attackers can exploit this by pl...