Total
899 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-26861 | 2025-10-16 | N/A | 7.8 HIGH | ||
| RemoteCall Remote Support Program (for Operator) versions prior to 5.3.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution. | |||||
| CVE-2025-10581 | 2025-10-16 | N/A | 7.8 HIGH | ||
| A potential DLL hijacking vulnerability was discovered in the Lenovo PC Manager during an internal security assessment that could allow a local authenticated user to execute code with elevated privileges. | |||||
| CVE-2025-57716 | 1 Fortinet | 1 Forticlient | 2025-10-15 | N/A | 6.7 MEDIUM |
| An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder. | |||||
| CVE-2025-23309 | 2025-10-14 | N/A | 8.2 HIGH | ||
| NVIDIA Display Driver contains a vulnerability where an uncontrolled DLL loading path might lead to arbitrary denial of service, escalation of privileges, code execution, and data tampering. | |||||
| CVE-2025-62185 | 1 Ankitects | 1 Anki | 2025-10-10 | N/A | 6.7 MEDIUM |
| In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlp_x86.exe. | |||||
| CVE-2025-49487 | 2 Microsoft, Trendmicro | 2 Windows, Worry-free Business Security Services | 2025-10-09 | N/A | 6.8 MEDIUM |
| An uncontrolled search path vulnerability in the Trend Micro Worry-Free Business Security Services (WFBSS) agent could have allowed an attacker with physical access to a machine to execute arbitrary code on affected installations. An attacker must have had physical access to the target system in order to exploit this vulnerability due to need to access a certain hardware component. Also note: this vulnerability only affected the SaaS client version of WFBSS only, meaning the on-premise version of Worry-Free Business Security was not affected, and this issue was addressed in a previous WFBSS monthly maintenance update. Therefore no other customer action is required to mitigate if the WFBSS agents are on the regular SaaS maintenance deployment schedule and this disclosure is for informational purposes only. | |||||
| CVE-2025-59684 | 1 Digisign | 1 Digisigner One | 2025-10-08 | N/A | 8.8 HIGH |
| DigiSign DigiSigner ONE 1.0.4.60 allows DLL Hijacking. | |||||
| CVE-2025-11223 | 2025-10-06 | N/A | 7.8 HIGH | ||
| Installer of Panasonic AutoDownloader version 1.2.8 contains an issue with the DLL search path, which may lead to loading a crafted DLL file in the same directory. | |||||
| CVE-2025-27237 | 2025-10-06 | N/A | N/A | ||
| In Zabbix Agent and Agent 2 on Windows, the OpenSSL configuration file is loaded from a path writable by low-privileged users, allowing malicious modification and potential local privilege escalation by injecting a DLL. | |||||
| CVE-2025-57781 | 2025-10-06 | N/A | 7.8 HIGH | ||
| The installers of DENSO TEN drive recorder viewer contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer. | |||||
| CVE-2025-11178 | 2025-10-02 | N/A | 7.3 HIGH | ||
| Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42386. | |||||
| CVE-2025-56383 | 2025-10-01 | N/A | 8.4 HIGH | ||
| Notepad++ v8.8.3 has a DLL hijacking vulnerability, which can replace the original DLL file to execute malicious code. NOTE: this is disputed by multiple parties because the behavior only occurs when a user installs the product into a directory tree that allows write access by arbitrary unprivileged users. | |||||
| CVE-2025-9267 | 2025-09-29 | N/A | N/A | ||
| In Seagate Toolkit on Windows a vulnerability exists in the Toolkit Installer prior to versions 2.35.0.6 where it attempts to load DLLs from the current working directory without validating their origin or integrity. This behavior can be exploited by placing a malicious DLL in the same directory as the installer executable, leading to arbitrary code execution with the privileges of the user running the installer. The issue stems from the use of insecure DLL loading practices, such as relying on relative paths or failing to specify fully qualified paths when invoking system libraries. | |||||
| CVE-2024-53977 | 1 Siemens | 2 Modelsim, Questa | 2025-09-25 | N/A | 6.7 MEDIUM |
| A vulnerability has been identified in ModelSim (All versions < V2025.1), Questa (All versions < V2025.1). An example setup script contained in affected applications allows a specific executable file to be loaded from the current working directory. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch the script from a user-writable directory. | |||||
| CVE-2025-9844 | 2025-09-24 | N/A | 8.8 HIGH | ||
| Uncontrolled Search Path Element vulnerability in Salesforce Salesforce CLI on Windows allows Replace Trusted Executable.This issue affects Salesforce CLI: before 2.106.6. | |||||
| CVE-2025-35471 | 2 Conda-forge, Microsoft | 3 Miniforge, Openssl-feedstock, Windows | 2025-09-23 | N/A | 7.3 HIGH |
| conda-forge openssl-feedstock before 066e83c (2024-05-20), on Microsoft Windows, configures OpenSSL to use an OPENSSLDIR file path that can be written to by non-privilged local users. By writing a specially crafted openssl.cnf file in OPENSSLDIR, a non-privileged local user can execute arbitrary code with the privileges of the user or process loading openssl-feedstock DLLs. Miniforge before 24.5.0 is also affected. | |||||
| CVE-2025-57624 | 2025-09-17 | N/A | 7.8 HIGH | ||
| A DLL hijacking vulnerability in CYRISMA Agent before 444 allows local users to escalate privileges and execute arbitrary code via multiple DLLs. | |||||
| CVE-2025-9201 | 2025-09-15 | N/A | 7.8 HIGH | ||
| A potential DLL hijacking vulnerability was discovered in Lenovo Browser during an internal security assessment that could allow a local user to execute code with elevated privileges. | |||||
| CVE-2025-9000 | 1 Mechrevo | 1 Control Center Gx V2 | 2025-09-11 | 6.0 MEDIUM | 7.0 HIGH |
| A vulnerability was found in Mechrevo Control Center GX V2 5.56.51.48. Affected by this vulnerability is an unknown functionality of the component reg File Handler. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-9016 | 1 Mechrevo | 1 Control Center Gx V2 | 2025-09-11 | 6.0 MEDIUM | 7.0 HIGH |
| A vulnerability was identified in Mechrevo Control Center GX V2 5.56.51.48. This affects an unknown part of the file C:\Program Files\OEM\机械革命控制中心\AiStoneService\MyControlCenter\Command of the component Powershell Script Handler. The manipulation leads to uncontrolled search path. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. | |||||