Vulnerabilities > Uncontrolled Search Path Element
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-17 | CVE-2024-44168 | Uncontrolled Search Path Element vulnerability in Apple Macos A library injection issue was addressed with additional restrictions. | 5.5 |
2024-09-16 | CVE-2024-34153 | Uncontrolled Search Path Element vulnerability in Intel Raid web Console Uncontrolled search path element in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2024-09-16 | CVE-2024-39613 | Uncontrolled Search Path Element vulnerability in Mattermost Desktop Mattermost Desktop App versions <=5.8.0 fail to specify an absolute path when searching the cmd.exe file, which allows a local attacker who is able to put an cmd.exe file in the Downloads folder of a user's machine to cause remote code execution on that machine. | 7.8 |
2024-09-12 | CVE-2024-20430 | Uncontrolled Search Path Element vulnerability in Cisco Meraki Systems Manager A vulnerability in Cisco Meraki Systems Manager (SM) Agent for Windows could allow an authenticated, local attacker to execute arbitrary code with elevated privileges. This vulnerability is due to incorrect handling of directory search paths at runtime. | 7.3 |
2024-09-12 | CVE-2024-6510 | Uncontrolled Search Path Element vulnerability in AVG Internet Security Local Privilege Escalation in AVG Internet Security v24 on Windows allows a local unprivileged user to escalate privileges to SYSTEM via COM-Hijacking. | 7.8 |
2024-09-10 | CVE-2024-44107 | Uncontrolled Search Path Element vulnerability in Ivanti Workspace Control DLL hijacking in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges and achieve arbitrary code execution. | 7.8 |
2024-09-10 | CVE-2024-8441 | Uncontrolled Search Path Element vulnerability in Ivanti Endpoint Manager An uncontrolled search path in the agent of Ivanti EPM before 2022 SU6, or the 2024 September update allows a local authenticated attacker with admin privileges to escalate their privileges to SYSTEM. | 6.7 |
2024-09-04 | CVE-2024-7834 | Uncontrolled Search Path Element vulnerability in Overwolf A local privilege escalation is caused by Overwolf loading and executing certain dynamic link library files from a user-writeable folder in SYSTEM context on launch. | 7.8 |
2024-08-29 | CVE-2024-34017 | Uncontrolled Search Path Element vulnerability in Acronis Snap Deploy 6 Local privilege escalation due to DLL hijacking vulnerability. | 7.3 |
2024-08-29 | CVE-2024-34019 | Uncontrolled Search Path Element vulnerability in Acronis Snap Deploy 6 Local privilege escalation due to DLL hijacking vulnerability. | 7.3 |