Total: 1098 CVE

| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-44168 | 1 Apple | 1 Macos | 2025-11-04 | 5.5 Medium |
| A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file system. | ||||
| CVE-2025-60749 | 1 Trimble | 1 Sketchup | 2025-11-04 | 7.8 High |
| DLL Hijacking vulnerability in Trimble SketchUp desktop 2025 via crafted libcef.dll used by sketchup_webhelper.exe. | ||||
| CVE-2025-59889 | 1 Eaton | 1 Ipp Software | 2025-11-04 | 8.6 High |
| Improper authentication of library files in the Eaton IPP software installer could lead to arbitrary code execution by an attacker with access to the software package. This security issue has been fixed in the latest version of IPP, which is available on the Eaton download center. | ||||
| CVE-2024-48992 | 1 Needrestart Project | 1 Needrestart | 2025-11-03 | 7.8 High |
| Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable. | ||||
| CVE-2024-48990 | 1 Needrestart Project | 1 Needrestart | 2025-11-03 | 7.8 High |
| Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable. | ||||
| CVE-2021-36770 | 3 Fedoraproject, P5-encode Project, Perl | 3 Fedora, P5-encode, Perl | 2025-11-03 | 7.8 High |
| Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library (in the current working directory) that preempts dynamic module loading. Exploitation requires an unusual configuration, and certain 2021 versions of Encode.pm (3.05 through 3.11). This issue occurs because the || operator evaluates @INC in a scalar context, and thus @INC has only an integer value. | ||||
| CVE-2024-42190 | 1 Hcltech | 1 Traveler For Microsoft Outlook | 2025-10-30 | 6.5 Medium |
| HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a DLL hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content. | ||||
| CVE-2024-42191 | 1 Hcltech | 1 Traveler For Microsoft Outlook | 2025-10-30 | 6.5 Medium |
| HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a COM hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content. | ||||
| CVE-2025-61161 | 1 Evope | 1 Collector | 2025-10-30 | 8.4 High |
| Evope Collector 1.1.6.9.0 and related components contain a DLL hijacking vulnerability: they load the wtsapi32.dll library from an uncontrolled search path (C:\ProgramData\Evope). This allows local unprivileged attackers to execute arbitrary code or escalate privileges to SYSTEM by placing a crafted DLL in that location. The vulnerable component is Evope.Service.exe, which runs with SYSTEM privileges and automatically loads the DLL on startup or reboot. | ||||
| CVE-2025-62776 | 2 Microsoft, Wireless Tsukamoto | 2 Windows, Wtw Eagle | 2025-10-30 | N/A |
| The installer of WTW EAGLE (for Windows) 3.0.8.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application. | ||||
| CVE-2020-3433 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2025-10-28 | 7.8 High |
| A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. | ||||
| CVE-2020-3153 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2025-10-28 | 6.5 Medium |
| A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. An exploit could allow the attacker to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks. To exploit this vulnerability, the attacker needs valid credentials on the Windows system. | ||||
| CVE-2025-11940 | 2 Librewolf, Microsoft | 2 Librewolf, Windows | 2025-10-21 | 7 High |
| A security vulnerability has been detected in LibreWolf up to 143.0.4-1 on Windows. This affects an unknown function of the file assets/setup.nsi of the component Installer. Such manipulation leads to uncontrolled search path. The attack must be carried out locally. Attacks of this nature are highly complex. The exploitability is reported as difficult. Upgrading to version 144.0-1 mitigates this issue. The name of the patch is dd10e31dd873e9cb309fad8aed921d45bf905a55. It is suggested to upgrade the affected component. | ||||
| CVE-2025-26861 | 1 Rsupport | 1 Remotecall | 2025-10-21 | N/A |
| RemoteCall Remote Support Program (for Operator) versions prior to 5.3.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder as the affected product, it may cause arbitrary code execution. | ||||
| CVE-2025-26860 | 1 Rsupport | 1 Remotecall | 2025-10-21 | N/A |
| RemoteCall Remote Support Program (for Operator) versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder as the affected product, it may cause arbitrary code execution. | ||||
| CVE-2025-26859 | 1 Rsupport | 1 Remoteview | 2025-10-21 | N/A |
| RemoteView PC Application Console versions prior to 6.0.2 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder as the affected product, it may cause arbitrary code execution. | ||||
| CVE-2025-62185 | 1 Ankitects | 1 Anki | 2025-10-10 | 6.7 Medium |
| In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlp_x86.exe. | ||||
| CVE-2025-49487 | 2 Microsoft, Trendmicro | 3 Windows, Wfbs Saas, Worry-free Business Security Services | 2025-10-09 | 6.8 Medium |
| An uncontrolled search path vulnerability in the Trend Micro Worry-Free Business Security Services (WFBSS) agent could have allowed an attacker with physical access to a machine to execute arbitrary code on affected installations. An attacker must have had physical access to the target system in order to exploit this vulnerability due to the need to access a certain hardware component. Also note: this vulnerability affected only the SaaS client version of WFBSS, meaning the on-premise version of Worry-Free Business Security was not affected, and this issue was addressed in a previous WFBSS monthly maintenance update. Therefore no other customer action is required to mitigate if the WFBSS agents are on the regular SaaS maintenance deployment schedule, and this disclosure is for informational purposes only. | ||||
| CVE-2025-59684 | 1 Digisign | 2 Digisigner One, Digsigner One | 2025-10-08 | 8.8 High |
| DigiSign DigiSigner ONE 1.0.4.60 allows DLL Hijacking. | ||||
| CVE-2025-57781 | 1 Denso Ten | 1 Drive Recorder Viewer | 2025-10-06 | N/A |
| The installers of DENSO TEN drive recorder viewer contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer. | ||||