Vulnerabilities > Uncontrolled Search Path Element

DATE CVE VULNERABILITY TITLE RISK
2023-03-30 CVE-2023-1745 Uncontrolled Search Path Element vulnerability in Pandora Kmplayer 4.2.2.73
A vulnerability, which was classified as problematic, has been found in KMPlayer 4.2.2.73.
local
low complexity
pandora CWE-427
7.8
2023-03-29 CVE-2023-0213 Uncontrolled Search Path Element vulnerability in M-Files
Elevation of privilege issue in M-Files Installer versions before 22.6 on Windows allows user to gain SYSTEM privileges via DLL hijacking.
local
low complexity
m-files CWE-427
7.8
2023-03-27 CVE-2023-28596 Uncontrolled Search Path Element vulnerability in Zoom Meetings 5.12.6/5.9.0
Zoom Client for IT Admin macOS installers before version 5.13.5 contain a local privilege escalation vulnerability.
local
low complexity
zoom CWE-427
7.8
2023-03-23 CVE-2023-28759 Uncontrolled Search Path Element vulnerability in Veritas Netbackup
An issue was discovered in Veritas NetBackup before 10.0 on Windows.
local
low complexity
veritas CWE-427
7.8
2023-03-19 CVE-2022-48422 Uncontrolled Search Path Element vulnerability in Onlyoffice Document Server
ONLYOFFICE Docs through 7.3 on certain Linux distributions allows local users to gain privileges via a Trojan horse libgcc_s.so.1 in the current working directory, which may be any directory in which an ONLYOFFICE document is located.
local
low complexity
onlyoffice CWE-427
7.8
2023-03-16 CVE-2021-31637 Uncontrolled Search Path Element vulnerability in Uwamp Project Uwamp
An issue found in UwAmp v.1.1, 1.2, 1.3, 2.0, 2.1, 2.2, 2.2.1, 3.0.0, 3.0.1, 3.0.2 allows a remote attacker to execute arbitrary code via a crafted DLL.
local
low complexity
uwamp-project CWE-427
7.8
2023-03-13 CVE-2023-24578 Uncontrolled Search Path Element vulnerability in Mcafee Total Protection
McAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL sideloading.
local
low complexity
mcafee CWE-427
5.5
2023-03-10 CVE-2023-25143 Uncontrolled Search Path Element vulnerability in Trendmicro Apex ONE 14.0.10349/14.0.11789/2019
An uncontrolled search path element vulnerability in the Trend Micro Apex One Server installer could allow an attacker to achieve a remote code execution state on affected products.
network
low complexity
trendmicro CWE-427
critical
9.8
2023-03-10 CVE-2023-25147 Uncontrolled Search Path Element vulnerability in Trendmicro Apex ONE 14.0.10349/14.0.11789/2019
An issue in the Trend Micro Apex One agent could allow an attacker who has previously acquired administrative rights via other means to bypass the protection by using a specifically crafted DLL during a specific update process. Please note: an attacker must first obtain administrative access on the target system via another method in order to exploit this.
local
low complexity
trendmicro CWE-427
6.7
2023-03-07 CVE-2023-23554 Uncontrolled Search Path Element vulnerability in Sraoss PG IVM
Uncontrolled search path element vulnerability exists in pg_ivm versions prior to 1.5.1.
network
low complexity
sraoss CWE-427
8.8