CWE-427: Uncontrolled Search Path Element

Total CVEs: 401
Critical: 7
High: 286
Avg CVSS: 7.5

Yearly Trend

2026: 36
2025: 151
2024: 88
2023: 45
2022: 26

Top Affected Vendors

1. Intel: 37
2. Acronis: 13
3. Dell: 11
4. Mailenable: 10
5. Lenovo: 8
6. Microsoft: 8
7. Adobe: 8
8. Trendmicro: 7
9. Siemens: 7
10. Nvidia: 6

All CWE-427 CVEs (401)

CVE-2025-24039
7.3

This CVE describes an elevation of privilege vulnerability in Visual Studio Code where an attacker could execute arbitrary code with higher privileges...

Feb 11, 2025
CVE-2025-21206
7.3

This vulnerability in Visual Studio Installer allows attackers to elevate privileges on Windows systems. An authenticated attacker could execute arbit...

Feb 11, 2025
CVE-2024-57426
7.3

NetMod VPN Client 5.3.1 is vulnerable to DLL injection, allowing attackers to execute arbitrary code by placing malicious DLLs in directories where th...

Feb 6, 2025
CVE-2024-30376
7.3

This vulnerability allows local attackers to escalate privileges on systems running vulnerable versions of Famatech Advanced IP Scanner. Attackers who...

Nov 22, 2024
CVE-2024-47942
7.3

Solid Edge SE2024 versions before V224.0 Update 9 contain a DLL hijacking vulnerability that allows attackers to execute arbitrary code by placing a m...

Nov 12, 2024
CVE-2024-49391
7.3

This CVE describes a local privilege escalation vulnerability in Acronis Cyber Files for Windows due to DLL hijacking. Attackers with local access can...

Oct 17, 2024
CVE-2024-45246
7.3

This CVE describes an uncontrolled search path element vulnerability in Diebold Nixdorf products, allowing attackers to execute arbitrary code by plac...

Oct 6, 2024
CVE-2024-20430
7.3

This vulnerability allows authenticated local attackers to execute arbitrary code with SYSTEM privileges on Windows systems running vulnerable Cisco M...

Sep 12, 2024
CVE-2024-34019
7.3

This CVE describes a local privilege escalation vulnerability in Acronis Snap Deploy for Windows due to DLL hijacking. Attackers with local access can...

Aug 29, 2024
CVE-2024-34017
7.3

This CVE describes a local privilege escalation vulnerability in Acronis Snap Deploy for Windows due to DLL hijacking. Attackers with local access can...

Aug 29, 2024
CVE-2024-37142
7.3

Dell Peripheral Manager versions before 1.7.6 have a DLL hijacking vulnerability where attackers can place malicious DLLs in locations the software se...

Jul 31, 2024
CVE-2024-32857
7.3

Dell Peripheral Manager versions before 1.7.6 have a DLL hijacking vulnerability where attackers can place malicious DLLs in locations the application...

Jul 31, 2024
CVE-2024-37130
7.3

Dell OpenManage Server Administrator (OMSA) versions 11.0.1.0 and prior contain a local privilege escalation vulnerability via XSL hijacking. A local ...

Jun 11, 2024
CVE-2023-22818
7.3

This vulnerability allows attackers with local access to execute arbitrary code by placing malicious DLLs in the same folder as the SanDisk Security I...

Nov 15, 2023
CVE-2023-44220
7.3

This CVE describes a DLL search order hijacking vulnerability in SonicWall NetExtender Windows client versions 10.2.336 and earlier. A local attacker ...

Oct 27, 2023
CVE-2023-45248
7.3

This CVE describes a DLL hijacking vulnerability in Acronis Cyber Protect products on Windows that allows local attackers to escalate privileges. An a...

Oct 9, 2023
CVE-2023-3662
7.3

This vulnerability in CODESYS Development System allows attackers to execute arbitrary binaries from the current working directory with the user's pri...

Aug 3, 2023
CVE-2022-48224
7.3

This vulnerability allows standard users to replace files in the Acuant AcuFill SDK installation directory due to insecure permissions. When these fil...

Apr 4, 2023
CVE-2023-26266
7.3

This vulnerability in AFL++ 4.05c allows attackers to execute arbitrary code by exploiting the CmpLog component's use of the current working directory...

Feb 21, 2023
CVE-2021-38410
7.3

This vulnerability allows attackers to perform DLL hijacking in AVEVA PCS Portal by placing malicious DLLs in locations the software searches. It affe...

Jul 27, 2022
CVE-2021-42923
7.3

ShowMyPC 3606 on Windows has a DLL hijack vulnerability where attackers can place malicious code in a specific temporary directory file (wodVPN.dll) t...

Jul 18, 2022
CVE-2022-32223
7.3

Node.js on Windows is vulnerable to DLL hijacking when OpenSSL is installed with a specific configuration file path. This allows attackers to execute ...

Jul 14, 2022
CVE-2022-0192
7.3

This DLL search path vulnerability in Lenovo PCManager allows attackers to place malicious DLLs in directories searched by the application, potentiall...

Apr 22, 2022
CVE-2021-44226
7.3

This vulnerability allows local privilege escalation in Razer Synapse software. An unprivileged user can create a directory and place malicious DLLs b...

Mar 23, 2022
CVE-2021-44206
7.3

This CVE describes a DLL hijacking vulnerability in Acronis Media Builder service that allows local attackers to escalate privileges on Windows system...

Feb 4, 2022
CVE-2021-35982
7.3

This CVE describes a DLL hijacking vulnerability in Adobe Acrobat Reader DC where a local attacker with non-administrative privileges can plant a mali...

Sep 29, 2021
CVE-2021-28636
7.3

This vulnerability allows an attacker to execute arbitrary code on a victim's system by placing a malicious DLL in the C:/ folder and tricking the use...

Aug 20, 2021
CVE-2021-31840
7.3

This vulnerability allows authenticated local attackers on Windows systems with McAfee Agent to perform DLL preloading attacks using unsigned DLLs, le...

Jun 10, 2021
CVE-2021-0090
7.3

This vulnerability in Intel Driver & Support Assistant (DSA) allows authenticated local users to escalate privileges by exploiting an uncontrolled sea...

Jun 9, 2021
CVE-2020-8702
7.3

This vulnerability in Intel Processor Diagnostic Tool allows authenticated local users to escalate privileges by exploiting an uncontrolled search pat...

Jun 9, 2021
CVE-2024-2637
7.2

This CVE describes an Uncontrolled Search Path Element vulnerability in multiple B&R Industrial Automation products that allows an authenticated local...

May 14, 2024
CVE-2023-40352
7.2

This vulnerability in McAfee Safe Connect allows attackers with existing system privileges to escalate their privileges by loading arbitrary DLLs. It ...

Aug 21, 2023
CVE-2025-66835
7.1

TrueConf Client 8.5.2 is vulnerable to DLL hijacking where attackers can place a malicious wfapi.dll file to execute arbitrary code. This affects loca...

Dec 30, 2025
CVE-2026-2492
7.0

This vulnerability allows local attackers to escalate privileges on TensorFlow installations by exploiting an insecure plugin loading mechanism. Attac...

Feb 20, 2026
CVE-2025-0712
7.0

This CVE describes an uncontrolled search path element vulnerability in Elastic Beats Windows installer that allows local privilege escalation. Attack...

Jul 30, 2025
CVE-2025-2272
7.0

This CVE describes an uncontrolled search path element vulnerability in Forcepoint FIE Endpoint that allows attackers to escalate privileges, inject c...

May 22, 2025
CVE-2024-41817
7.0

CVE-2024-41817 is a path injection vulnerability in ImageMagick's AppImage version where empty paths in MAGICK_CONFIGURE_PATH and LD_LIBRARY_PATH envi...

Jul 29, 2024
CVE-2024-38330
7.0

This vulnerability in IBM System Management for i allows a local user to escalate privileges by exploiting an unqualified library program call. An att...

Jul 8, 2024
CVE-2024-1182
7.0

This is a DLL hijacking vulnerability in Mitsubishi Electric's GENESIS and ICONICS industrial control software suites. A local attacker can execute ar...

Jul 4, 2024
CVE-2022-34396
7.0

Dell OpenManage Server Administrator (OMSA) versions 10.3.0.0 and earlier contain a DLL injection vulnerability that allows local authenticated attack...

Feb 1, 2023
CVE-2021-1386
7.0

This vulnerability allows authenticated local attackers to perform DLL hijacking attacks on affected Cisco security products for Windows. Attackers ca...

Apr 8, 2021
CVE-2021-21008
7.0

CVE-2021-21008 is a path traversal vulnerability in Adobe Animate that allows arbitrary code execution when a user opens a malicious file. Attackers c...

Jan 13, 2021
CVE-2021-21010
7.0

CVE-2021-21010 is an uncontrolled search path vulnerability in Adobe InCopy for Windows that allows arbitrary code execution when a user opens a malic...

Jan 13, 2021
CVE-2025-14405
6.8

This vulnerability allows physically-present attackers to escalate privileges on PDFsam Enhanced installations by exploiting an insecure OpenSSL confi...

Dec 23, 2025
CVE-2024-13946
6.8

This vulnerability allows attackers to execute arbitrary code by planting malicious DLL files that the ASPECT configuration toolset loads without prop...

May 22, 2025
CVE-2026-22270
6.7

Dell PowerScale OneFS contains an uncontrolled search path vulnerability that allows high-privileged local attackers to execute arbitrary code by mani...

Mar 4, 2026
CVE-2026-3091
6.7

This vulnerability allows local attackers to execute arbitrary code or access sensitive files by placing a malicious DLL in the same directory as the ...

Feb 24, 2026
CVE-2026-25129
6.7

This vulnerability allows arbitrary code execution when PsySH (a PHP developer console) automatically loads a malicious .psysh.php file from the curre...

Jan 30, 2026
CVE-2025-33231
6.7

CVE-2025-33231 is a DLL hijacking vulnerability in NVIDIA Nsight Systems for Windows that allows attackers to execute arbitrary code by placing malici...

Jan 20, 2026
CVE-2025-14625
6.7

This CVE describes a Search Order Hijacking vulnerability in Altera Quartus Prime's Nios II Command Shell modules on Windows. Attackers can place mali...

Jan 7, 2026

About CWE-427 (Uncontrolled Search Path Element)

Our database tracks 401 CVEs classified as CWE-427, with 7 rated critical and 286 rated high severity. The average CVSS score for CWE-427 vulnerabilities is 7.5.

External reference: CWE-427 on MITRE CWE
