CVE & Exploit Intelligence Database

CVE-2019-6534 7.8 HIGH EPSS 0.01

The uncontrolled search path element vulnerability in Gemalto Sentinel UltraPro Client Library ux32w.dll Versions 1.3.0, 1.3.1, and 1.3.2 enables an attacker to load and execute a malicious file.

CWE-427 Apr 11, 2019

CVE-2015-1014 7.3 HIGH EPSS 0.00

A successful exploit of these vulnerabilities requires the local user to load a crafted DLL file in the system directory on servers running Schneider Electric OFS v3.5 with version v7.40 of SCADA Expert Vijeo Citect/CitectSCADA, OFS v3.5 with version v7.30 of Vijeo Citect/CitectSCADA, and OFS v3.5 with version v7.20 of Vijeo Citect/CitectSCADA.. If the application attempts to open that file, the application could crash or allow the attacker to execute arbitrary code. Schneider Electric recommends vulnerable users upgrade the OFS to V3.5 and install the latest service pack (SP 6 or newer) for their associated version.

CWE-427 Mar 25, 2019

CVE-2019-9896 7.8 HIGH 1 PoC Analysis EPSS 0.02

In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable.

CWE-427 Mar 21, 2019

CVE-2019-4094 7.8 HIGH EPSS 0.00

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege user full access to root by loading a malicious shared library. IBM X-Force ID: 158014.

CWE-427 Mar 21, 2019

CVE-2018-1890 5.6 MEDIUM EPSS 0.00

IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.

CWE-427 Mar 11, 2019

CVE-2019-9634 7.8 HIGH EPSS 0.01

Go through 1.12 on Windows misuses certain LoadLibrary functionality, leading to DLL injection.

CWE-427 Mar 08, 2019

CVE-2019-9546 9.8 CRITICAL EXPLOITED 1 Writeup EPSS 0.02

SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service.

CWE-427 Mar 01, 2019

CVE-2019-9116 7.8 HIGH EPSS 0.00

DLL hijacking is possible in Sublime Text 3 version 3.1.1 build 3176 on 32-bit Windows platforms because a Trojan horse api-ms-win-core-fibers-l1-1-1.dll or api-ms-win-core-localization-l1-2-1.dll file may be loaded if a victim uses sublime_text.exe to open a .txt file within an attacker's %LOCALAPPDATA%\Temp\sublime_text folder. NOTE: the vendor's position is "This does not appear to be a bug with Sublime Text, but rather one with Windows that has been patched.

CWE-427 Feb 25, 2019

CVE-2019-7653 9.8 CRITICAL EPSS 0.01

The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in this directory, as demonstrated by rdf2dot. This issue is specific to use of the debian/scripts directory.

CWE-427 Feb 09, 2019

CVE-2018-16177 7.8 HIGH EPSS 0.00

Untrusted search path vulnerability in The installer of Windows 10 Fall Creators Update Modify module for Security Measures tool allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

CWE-427 Jan 09, 2019

CVE-2018-20211 7.8 HIGH EPSS 0.00

ExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\par-%username%\cache-exiftool-8.32 folder with a victim's username, and then copying a Trojan horse ws32_32.dll file into this new folder, aka DLL Hijacking. NOTE: 8.32 is an obsolete version from 2010 (9.x was released starting in 2012, and 10.x was released starting in 2015).

CWE-427 Jan 02, 2019

CVE-2018-15452 5.5 MEDIUM EPSS 0.00

A vulnerability in the DLL loading component of Cisco Advanced Malware Protection (AMP) for Endpoints on Windows could allow an authenticated, local attacker to disable system scanning services or take other actions to prevent detection of unauthorized intrusions. To exploit this vulnerability, the attacker would need to have administrative credentials on the Windows system. The vulnerability is due to the improper validation of resources loaded by a system process at run time. An attacker could exploit this vulnerability by crafting a malicious DLL file and placing it in a specific location on the targeted system. A successful exploit could allow the attacker to disable the targeted system's scanning services and ultimately prevent the system from being protected from further intrusion. There are no workarounds that address this vulnerability.

CWE-427 Nov 13, 2018

CVE-2018-7799 7.8 HIGH EPSS 0.00

A DLL hijacking vulnerability exists in Schneider Electric Software Update (SESU), all versions prior to V2.2.0, which could allow an attacker to execute arbitrary code on the targeted system when placing a specific DLL file.

CWE-427 Nov 02, 2018

CVE-2018-14812 7.8 HIGH EPSS 0.00

An uncontrolled search path element (DLL Hijacking) vulnerability has been identified in Fuji Electric Energy Savings Estimator versions V.1.0.2.0 and prior. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the application that utilizes the malicious DLL.

CWE-427 Oct 24, 2018

CVE-2018-15976 7.8 HIGH EPSS 0.02

Adobe Technical Communications Suite versions 1.0.5.1 and below have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.

CWE-427 Oct 17, 2018

CVE-2018-11072 7.8 HIGH EPSS 0.00

Dell Digital Delivery versions prior to 3.5.1 contain a DLL Injection Vulnerability. A local authenticated malicious user with advance knowledge of the application workflow could potentially load and execute a malicious DLL with administrator privileges.

CWE-427 Oct 02, 2018

CVE-2018-12163 4.8 MEDIUM EPSS 0.00

A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access.

CWE-427 Sep 12, 2018

CVE-2018-12160 5.3 MEDIUM EPSS 0.00

DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access.

CWE-276 Sep 12, 2018

CVE-2018-13806 7.8 HIGH EPSS 0.00

A vulnerability has been identified in SIEMENS TD Keypad Designer (All versions). A DLL hijacking vulnerability exists in all versions of SIEMENS TD Keypad Designer which could allow an attacker to execute code with the permission of the user running TD Designer. The attacker must have write access to the directory containing the TD project file in order to exploit the vulnerability. A legitimate user with higher privileges than the attacker must open the TD project in order for this vulnerability to be exploited. At the time of advisory publication no public exploitation of this security vulnerability was known.

CWE-427 Sep 12, 2018

CVE-2018-14797 7.8 HIGH EPSS 0.00

Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 allow a specially crafted DLL file to be placed in the search path and loaded as an internal and valid DLL, which may allow arbitrary code execution.

CWE-427 Aug 23, 2018