Vulnerabilities > Uncontrolled Search Path Element

DATE CVE VULNERABILITY TITLE RISK
2023-06-26 CVE-2023-28929 Uncontrolled Search Path Element vulnerability in Trendmicro products
Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable to a DLL Hijacking vulnerability which could allow an attacker to use a specific executable file as an execution and/or persistence mechanism which could execute a malicious program each time the executable file is started.
local
low complexity
trendmicro CWE-427
7.8
2023-06-23 CVE-2023-27908 Uncontrolled Search Path Element vulnerability in Autodesk Installer
A maliciously crafted DLL file can be forced to write beyond allocated boundaries in the Autodesk installer when parsing the DLL files and could lead to a Privilege Escalation vulnerability.
local
low complexity
autodesk CWE-427
7.8
2023-06-07 CVE-2023-0976 Uncontrolled Search Path Element vulnerability in Trellix Agent 5.7.7/5.7.8
A command Injection Vulnerability in TA for mac-OS prior to version 5.7.9 allows local users to place an arbitrary file into the /Library/Trellix/Agent/bin/ folder.
local
low complexity
trellix CWE-427
7.8
2023-05-12 CVE-2023-25005 Uncontrolled Search Path Element vulnerability in Autodesk Infraworks
A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability.
local
low complexity
autodesk CWE-427
7.8
2023-05-12 CVE-2023-25428 Uncontrolled Search Path Element vulnerability in Soft-O Free Password Manager 1.1.20
A DLL Hijacking issue discovered in Soft-o Free Password Manager 1.1.20 allows attackers to create arbitrary DLLs leading to code execution.
local
low complexity
soft-o CWE-427
7.8
2023-05-12 CVE-2023-31197 Uncontrolled Search Path Element vulnerability in Intel Trace Analyzer and Collector 2017/2020
Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-427
7.8
2023-05-10 CVE-2022-21162 Uncontrolled Search Path Element vulnerability in Intel NUC Hdmi Firmware Update Tool 1.78.2.0.7
Uncontrolled search path for the Intel(R) HDMI Firmware Update tool for NUC before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-427
7.3
2023-05-10 CVE-2022-27180 Uncontrolled Search Path Element vulnerability in Intel Maccpuid
Uncontrolled search path in the Intel(R) MacCPUID software before version 3.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-427
7.8
2023-05-10 CVE-2022-32576 Uncontrolled Search Path Element vulnerability in Intel Unite
Uncontrolled search path in the Intel(R) Unite(R) Plugin SDK before version 4.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-427
7.8
2023-05-10 CVE-2022-41628 Uncontrolled Search Path Element vulnerability in Intel NUC P14E Laptop Element 1.0.0.156
Uncontrolled search path element in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-427
7.8