Vulnerabilities > Uncontrolled Search Path Element

DATE CVE VULNERABILITY TITLE RISK
2023-08-11 CVE-2023-28823 Uncontrolled Search Path Element vulnerability in Intel products
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-427
7.3
2023-08-11 CVE-2023-29151 Uncontrolled Search Path Element vulnerability in Intel Platform Service Record Software Development KIT
Uncontrolled search path element in some Intel(R) PSR SDK before version 1.0.0.20 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-427
7.8
2023-08-11 CVE-2023-34355 Uncontrolled Search Path Element vulnerability in Intel Integrated BMC Video Driver 1.0/1.10.03/2.0
Uncontrolled search path element for some Intel(R) Server Board M10JNP2SB integrated BMC video drivers before version 3.0 for Microsoft Windows and before version 1.13.4 for linux may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-427
7.3
2023-08-10 CVE-2022-47636 Uncontrolled Search Path Element vulnerability in Outsystems Service Studio 11.53.30
A DLL hijacking vulnerability has been discovered in OutSystems Service Studio 11 11.53.30 build 61739.
local
low complexity
outsystems CWE-427
7.8
2023-08-08 CVE-2023-36344 Uncontrolled Search Path Element vulnerability in Dieboldnixdorf Vynamic View 5.3.1
An issue in Diebold Nixdorf Vynamic View Console v.5.3.1 and before allows a local attacker to execute arbitrary code via not restricting the search path for required DLLs and not verifying the signature.
local
low complexity
dieboldnixdorf CWE-427
7.8
2023-08-08 CVE-2021-41544 Uncontrolled Search Path Element vulnerability in Siemens Software Center
A vulnerability has been identified in Siemens Software Center (All versions < V3.0).
local
low complexity
siemens CWE-427
7.8
2023-07-27 CVE-2022-43703 Uncontrolled Search Path Element vulnerability in ARM Development Studio and DS Development Studio
An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files.
local
low complexity
arm CWE-427
7.8
2023-07-19 CVE-2023-36853 Uncontrolled Search Path Element vulnerability in Keysight Geolocation Server 2.4.2
?In Keysight Geolocation Server v2.4.2 and prior, a low privileged attacker could create a local ZIP file containing a malicious script in any location.
local
low complexity
keysight CWE-427
7.8
2023-07-13 CVE-2023-37849 Uncontrolled Search Path Element vulnerability in Watchguard Panda Security VPN
A DLL hijacking vulnerability in Panda Security VPN for Windows prior to version v15.14.8 allows attackers to execute arbitrary code via placing a crafted DLL file in the same directory as PANDAVPN.exe.
local
low complexity
watchguard CWE-427
6.5
2023-06-30 CVE-2023-31543 Uncontrolled Search Path Element vulnerability in Pipreqs Project Pipreqs
A dependency confusion in pipreqs v0.3.0 to v0.4.11 allows attackers to execute arbitrary code via uploading a crafted PyPI package to the chosen repository server.
network
low complexity
pipreqs-project CWE-427
critical
9.8