Vulnerabilities > Uncontrolled Search Path Element

DATE CVE VULNERABILITY TITLE RISK
2022-06-30 CVE-2017-20123 Uncontrolled Search Path Element vulnerability in Sparklabs Viscosity 1.6.7
A vulnerability was found in Viscosity 1.6.7.
6.9
2022-06-29 CVE-2022-33035 Uncontrolled Search Path Element vulnerability in Netsarang Xlpd
XLPD v7.0.0094 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges.
local
low complexity
netsarang CWE-427
7.2
2022-06-29 CVE-2022-33036 Uncontrolled Search Path Element vulnerability in Embarcadero Dev-C++ 6.3
A binary hijack in Embarcadero Dev-CPP v6.3 allows attackers to execute arbitrary code via a crafted .exe file.
4.4
2022-06-29 CVE-2022-33037 Uncontrolled Search Path Element vulnerability in Orwell-Dev-Cpp Project Orwell-Dev-Cpp
A binary hijack in Orwell-Dev-Cpp v5.11 allows attackers to execute arbitrary code via a crafted .exe file.
4.4
2022-06-20 CVE-2022-1824 Uncontrolled Search Path Element vulnerability in Mcafee Consumer Product Removal Tool
An uncontrolled search path vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local attacker to perform a sideloading attack by using a specific file name.
local
mcafee CWE-427
4.4
2022-06-16 CVE-2017-20051 Uncontrolled Search Path Element vulnerability in Jrsoftware Inno Setup
A vulnerability was found in InnoSetup Installer.
4.4
2022-06-16 CVE-2017-20052 Uncontrolled Search Path Element vulnerability in Python 2.7.13
A vulnerability classified as problematic was found in Python 2.7.13.
local
python CWE-427
4.4
2022-06-15 CVE-2022-22788 Uncontrolled Search Path Element vulnerability in Zoom Meetings and Rooms
The Zoom Opener installer is downloaded by a user from the Launch meeting page, when attempting to join a meeting without having the Zoom Meeting Client installed.
local
zoom CWE-427
6.9
2022-06-13 CVE-2022-24077 Uncontrolled Search Path Element vulnerability in Naver Cloud Explorer
Naver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL injection.
local
naver CWE-427
6.9
2022-06-10 CVE-2022-29092 Uncontrolled Search Path Element vulnerability in Dell products
Dell SupportAssist Client Consumer versions (3.11.0 and versions prior) and Dell SupportAssist Client Commercial versions (3.2.0 and versions prior) contain a privilege escalation vulnerability.
local
low complexity
dell CWE-427
7.2