Vulnerabilities > Uncontrolled Search Path Element

DATE CVE VULNERABILITY TITLE RISK
2023-11-14 CVE-2023-34430 Uncontrolled Search Path Element vulnerability in Intel Battery Life Diagnostic Tool 1.0.7/2.2.0
Uncontrolled search path in some Intel Battery Life Diagnostic Tool software before version 2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-427
7.8
2023-11-08 CVE-2023-47113 Uncontrolled Search Path Element vulnerability in Bleachbit
BleachBit cleans files to free disk space and to maintain privacy.
local
low complexity
bleachbit CWE-427
7.3
2023-11-07 CVE-2023-0898 Uncontrolled Search Path Element vulnerability in GE Micom S1 Agile
General Electric MiCOM S1 Agile is vulnerable to an attacker achieving code execution by placing malicious DLL files in the directory of the application.
local
low complexity
ge CWE-427
7.3
2023-11-02 CVE-2023-31016 Uncontrolled Search Path Element vulnerability in Nvidia Virtual GPU
NVIDIA GPU Display Driver for Windows contains a vulnerability where an uncontrolled search path element may allow an attacker to execute arbitrary code, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.
local
low complexity
nvidia CWE-427
7.8
2023-10-27 CVE-2023-44220 Uncontrolled Search Path Element vulnerability in Sonicwall Netextender
SonicWall NetExtender Windows (32-bit and 64-bit) client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component.
local
low complexity
sonicwall CWE-427
7.3
2023-10-11 CVE-2023-4936 Uncontrolled Search Path Element vulnerability in Synaptics Displaylink USB Graphics
It is possible to sideload a compromised DLL during the installation at elevated privilege.
local
low complexity
synaptics CWE-427
7.8
2023-10-09 CVE-2023-45248 Uncontrolled Search Path Element vulnerability in Acronis Agent
Local privilege escalation due to DLL hijacking vulnerability.
local
low complexity
acronis CWE-427
7.3
2023-10-06 CVE-2023-35897 Uncontrolled Search Path Element vulnerability in IBM Storage Protect and Storage Protect Client
IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw.
local
low complexity
ibm CWE-427
7.8
2023-09-18 CVE-2023-41929 Uncontrolled Search Path Element vulnerability in Samsung Memory Card & UFD Authentication
A DLL hijacking vulnerability in Samsung Memory Card & UFD Authentication Utility PC Software before 1.0.1 could allow a local attacker to escalate privileges.
local
low complexity
samsung CWE-427
7.3
2023-08-30 CVE-2023-40596 Uncontrolled Search Path Element vulnerability in Splunk
In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL) that ships with Splunk Enterprise references an insecure path for the OPENSSLDIR build definition.
local
low complexity
splunk CWE-427
8.8