Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-05 | CVE-2024-23054 | Uncontrolled Search Path Element vulnerability in Plone Docker Official Image 5.2.13 An issue in Plone Docker Official Image 5.2.13 (5221) open-source software that could allow for remote code execution due to a package listed in ++plone++static/components not existing in the public package index (npm). | 9.8 |
| 2024-01-29 | CVE-2024-23940 | Uncontrolled Search Path Element vulnerability in Trendmicro products Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system. | 7.8 |
| 2024-01-24 | CVE-2023-51711 | Uncontrolled Search Path Element vulnerability in Regify Regipay 4.5.1.0 An issue was discovered in Regify Regipay Client for Windows version 4.5.1.0 allows DLL hijacking: a user can trigger the execution of arbitrary code every time the product is executed. | 7.8 |
| 2024-01-19 | CVE-2023-32272 | Uncontrolled Search Path Element vulnerability in Intel NUC PRO Software Suite 2.0.0.3/2.0.0.9/3.0.0.6 Uncontrolled search path in some Intel NUC Pro Software Suite Configuration Tool software installers before version 3.0.0.6 may allow an authenticated user to potentially enable denial of service via local access. | 5.5 |
| 2024-01-10 | CVE-2023-29445 | Uncontrolled Search Path Element vulnerability in PTC products An uncontrolled search path element vulnerability (DLL hijacking) has been discovered that could allow a locally authenticated adversary to escalate privileges to SYSTEM. | 7.8 |
| 2024-01-10 | CVE-2023-29444 | Uncontrolled Search Path Element vulnerability in PTC products An uncontrolled search path element vulnerability (DLL hijacking) has been discovered that could allow a locally authenticated adversary to escalate privileges to SYSTEM. | 7.3 |
| 2024-01-05 | CVE-2023-41782 | Uncontrolled Search Path Element vulnerability in ZTE Zxcloud Irai Firmware There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacker could place a fake DLL file in a specific directory and successfully exploit this vulnerability to execute malicious code. | 4.8 |
| 2024-01-03 | CVE-2023-6338 | Uncontrolled Search Path Element vulnerability in Lenovo Universal Device Client Uncontrolled search path vulnerabilities were reported in the Lenovo Universal Device Client (UDC) that could allow an attacker with local access to execute code with elevated privileges. | 7.8 |
| 2024-01-03 | CVE-2023-41780 | Uncontrolled Search Path Element vulnerability in ZTE Zxcloud Irai Firmware There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. | 7.8 |
| 2023-12-25 | CVE-2023-43064 | Uncontrolled Search Path Element vulnerability in IBM I Facsimile Support for IBM i 7.2, 7.3, 7.4, and 7.5 could allow a local user to gain elevated privileges due to an unqualified library call. | 7.8 |