Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-19 | CVE-2022-48422 | Uncontrolled Search Path Element vulnerability in Onlyoffice Document Server ONLYOFFICE Docs through 7.3 on certain Linux distributions allows local users to gain privileges via a Trojan horse libgcc_s.so.1 in the current working directory, which may be any directory in which an ONLYOFFICE document is located. | 7.8 |
| 2023-03-16 | CVE-2021-31637 | Uncontrolled Search Path Element vulnerability in Uwamp Project Uwamp An issue found in UwAmp v.1.1, 1.2, 1.3, 2.0, 2.1, 2.2, 2.2.1, 3.0.0, 3.0.1, 3.0.2 allows a remote attacker to execute arbitrary code via a crafted DLL. | 7.8 |
| 2023-03-13 | CVE-2023-24578 | Uncontrolled Search Path Element vulnerability in Mcafee Total Protection McAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL sideloading. | 5.5 |
| 2023-03-10 | CVE-2023-25143 | Uncontrolled Search Path Element vulnerability in Trendmicro Apex ONE 14.0.10349/2019 An uncontrolled search path element vulnerability in the Trend Micro Apex One Server installer could allow an attacker to achieve a remote code execution state on affected products. | 9.8 |
| 2023-03-10 | CVE-2023-25147 | Uncontrolled Search Path Element vulnerability in Trendmicro Apex ONE 14.0.10349/14.0.11789/2019 An issue in the Trend Micro Apex One agent could allow an attacker who has previously acquired administrative rights via other means to bypass the protection by using a specifically crafted DLL during a specific update process. Please note: an attacker must first obtain administrative access on the target system via another method in order to exploit this. | 6.7 |
| 2023-03-07 | CVE-2023-23554 | Uncontrolled Search Path Element vulnerability in Sraoss PG IVM Uncontrolled search path element vulnerability exists in pg_ivm versions prior to 1.5.1. | 8.8 |
| 2023-02-17 | CVE-2022-32972 | Uncontrolled Search Path Element vulnerability in Infoblox Bloxone Endpoint Infoblox BloxOne Endpoint for Windows through 2.2.7 allows DLL injection that can result in local privilege escalation. | 7.8 |
| 2023-02-16 | CVE-2022-37340 | Uncontrolled Search Path Element vulnerability in Intel Quickassist Technology 1.7.L.4.10.0/4.2 Uncontrolled search path in some Intel(R) QAT drivers for Windows before version 1.6 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.3 |
| 2023-02-16 | CVE-2022-41314 | Uncontrolled Search Path Element vulnerability in Intel products Uncontrolled search path in some Intel(R) Network Adapter installer software may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-02-16 | CVE-2022-25905 | Uncontrolled Search Path Element vulnerability in Intel Oneapi Data Analytics Library Uncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.3 |