Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-08 | CVE-2021-41544 | Uncontrolled Search Path Element vulnerability in Siemens Software Center A vulnerability has been identified in Siemens Software Center (All versions < V3.0). | 7.8 |
| 2023-07-27 | CVE-2022-43703 | Uncontrolled Search Path Element vulnerability in ARM Development Studio and DS Development Studio An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files. | 7.8 |
| 2023-07-19 | CVE-2023-36853 | Uncontrolled Search Path Element vulnerability in Keysight Geolocation Server 2.4.2 ?In Keysight Geolocation Server v2.4.2 and prior, a low privileged attacker could create a local ZIP file containing a malicious script in any location. | 7.8 |
| 2023-07-13 | CVE-2023-37849 | Uncontrolled Search Path Element vulnerability in Watchguard Panda Security VPN A DLL hijacking vulnerability in Panda Security VPN for Windows prior to version v15.14.8 allows attackers to execute arbitrary code via placing a crafted DLL file in the same directory as PANDAVPN.exe. | 6.5 |
| 2023-06-30 | CVE-2023-31543 | Uncontrolled Search Path Element vulnerability in Pipreqs Project Pipreqs A dependency confusion in pipreqs v0.3.0 to v0.4.11 allows attackers to execute arbitrary code via uploading a crafted PyPI package to the chosen repository server. | 9.8 |
| 2023-06-26 | CVE-2023-28929 | Uncontrolled Search Path Element vulnerability in Trendmicro products Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable to a DLL Hijacking vulnerability which could allow an attacker to use a specific executable file as an execution and/or persistence mechanism which could execute a malicious program each time the executable file is started. | 7.8 |
| 2023-06-23 | CVE-2023-27908 | Uncontrolled Search Path Element vulnerability in Autodesk Installer A maliciously crafted DLL file can be forced to write beyond allocated boundaries in the Autodesk installer when parsing the DLL files and could lead to a Privilege Escalation vulnerability. | 7.8 |
| 2023-06-13 | CVE-2023-0142 | Uncontrolled Search Path Element vulnerability in Synology products Uncontrolled search path element vulnerability in Backup Management functionality in Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.0.1-42218-7 and 7.1-42661 allows remote authenticated users with administrator privileges to read or write arbitrary files via unspecified vectors. | 8.1 |
| 2023-06-07 | CVE-2023-0976 | Uncontrolled Search Path Element vulnerability in Trellix Agent 5.7.7/5.7.8 A command Injection Vulnerability in TA for mac-OS prior to version 5.7.9 allows local users to place an arbitrary file into the /Library/Trellix/Agent/bin/ folder. | 7.8 |
| 2023-05-12 | CVE-2023-25005 | Uncontrolled Search Path Element vulnerability in Autodesk Infraworks A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability. | 7.8 |