Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-12 | CVE-2023-0247 | Uncontrolled Search Path Element vulnerability in Bloom Project Bloom Uncontrolled Search Path Element in GitHub repository bits-and-blooms/bloom prior to 3.3.1. | 7.8 |
| 2023-01-11 | CVE-2023-22947 | Uncontrolled Search Path Element vulnerability in Shibboleth Service Provider Insecure folder permissions in the Windows installation path of Shibboleth Service Provider (SP) before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. | 7.3 |
| 2023-01-06 | CVE-2022-44939 | Uncontrolled Search Path Element vulnerability in Echatserver Easy Chat Server 3.1 Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. | 7.8 |
| 2022-12-22 | CVE-2022-22736 | Uncontrolled Search Path Element vulnerability in Mozilla Firefox If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. | 7.0 |
| 2022-12-22 | CVE-2022-36314 | When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.<br>This bug only affects Firefox for Windows. | 5.5 |
| 2022-12-22 | CVE-2021-36631 | Uncontrolled Search Path Element vulnerability in Baidu Baidunetdisk Untrusted search path vulnerability in Baidunetdisk Version 7.4.3 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 6.7 |
| 2022-12-21 | CVE-2022-46330 | Squirrel.Windows is both a toolset and a library that provides installation and update functionality for Windows desktop applications. | 7.8 |
| 2022-12-19 | CVE-2022-42945 | Uncontrolled Search Path Element vulnerability in Autodesk DWG Trueview 2023 DWG TrueViewTM 2023 version has a DLL Search Order Hijacking vulnerability. | 7.8 |
| 2022-12-13 | CVE-2022-43722 | Uncontrolled Search Path Element vulnerability in Siemens Sicam Pas/Pqs A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). | 7.8 |
| 2022-12-12 | CVE-2022-38395 | Uncontrolled Search Path Element vulnerability in HP Support Assistant 8.1.40.3/8.7.50/8.7.50.3 HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. | 7.8 |