Vulnerabilities > Uncontrolled Search Path Element
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-14 | CVE-2023-34430 | Uncontrolled Search Path Element vulnerability in Intel Battery Life Diagnostic Tool 1.0.7/2.2.0 Uncontrolled search path in some Intel Battery Life Diagnostic Tool software before version 2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2023-11-08 | CVE-2023-47113 | Uncontrolled Search Path Element vulnerability in Bleachbit BleachBit cleans files to free disk space and to maintain privacy. | 7.3 |
2023-11-07 | CVE-2023-0898 | Uncontrolled Search Path Element vulnerability in GE Micom S1 Agile General Electric MiCOM S1 Agile is vulnerable to an attacker achieving code execution by placing malicious DLL files in the directory of the application. | 7.3 |
2023-11-02 | CVE-2023-31016 | Uncontrolled Search Path Element vulnerability in Nvidia Virtual GPU NVIDIA GPU Display Driver for Windows contains a vulnerability where an uncontrolled search path element may allow an attacker to execute arbitrary code, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | 7.8 |
2023-10-27 | CVE-2023-44220 | Uncontrolled Search Path Element vulnerability in Sonicwall Netextender SonicWall NetExtender Windows (32-bit and 64-bit) client 10.2.336 and earlier versions have a DLL Search Order Hijacking vulnerability in the start-up DLL component. | 7.3 |
2023-10-11 | CVE-2023-4936 | Uncontrolled Search Path Element vulnerability in Synaptics Displaylink USB Graphics It is possible to sideload a compromised DLL during the installation at elevated privilege. | 7.8 |
2023-10-09 | CVE-2023-45248 | Uncontrolled Search Path Element vulnerability in Acronis Agent Local privilege escalation due to DLL hijacking vulnerability. | 7.3 |
2023-10-06 | CVE-2023-35897 | Uncontrolled Search Path Element vulnerability in IBM Storage Protect and Storage Protect Client IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. | 7.8 |
2023-09-18 | CVE-2023-41929 | Uncontrolled Search Path Element vulnerability in Samsung Memory Card & UFD Authentication A DLL hijacking vulnerability in Samsung Memory Card & UFD Authentication Utility PC Software before 1.0.1 could allow a local attacker to escalate privileges. | 7.3 |
2023-08-30 | CVE-2023-40596 | Uncontrolled Search Path Element vulnerability in Splunk In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL) that ships with Splunk Enterprise references an insecure path for the OPENSSLDIR build definition. | 8.8 |