Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-10 | CVE-2022-41998 | Uncontrolled Search Path Element vulnerability in Intel Data Center Manager Uncontrolled search path in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-05-10 | CVE-2023-22355 | Uncontrolled Search Path Element vulnerability in Intel products Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-05-09 | CVE-2023-30237 | Uncontrolled Search Path Element vulnerability in Cyberghostvpn Cyberghost 6.5.0.3180 CyberGhostVPN Windows Client before v8.3.10.10015 was discovered to contain a DLL injection vulnerability via the component Dashboard.exe. | 7.8 |
| 2023-04-27 | CVE-2023-2355 | Uncontrolled Search Path Element vulnerability in Acronis Snap Deploy 6 Local privilege escalation due to a DLL hijacking vulnerability. | 7.8 |
| 2023-04-25 | CVE-2023-29011 | Uncontrolled Search Path Element vulnerability in GIT for Windows Project GIT for Windows Git for Windows, the Windows port of Git, ships with an executable called `connect.exe`, which implements a SOCKS5 proxy that can be used to connect e.g. | 7.8 |
| 2023-04-25 | CVE-2023-29012 | Uncontrolled Search Path Element vulnerability in GIT for Windows Project GIT for Windows Git for Windows is the Windows port of Git. | 7.8 |
| 2023-04-18 | CVE-2022-34755 | Uncontrolled Search Path Element vulnerability in Schneider-Electric Easergy Builder Installer A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give the attacker the ability to execute arbitrary code during the installation process initiated by a valid user. | 6.7 |
| 2023-04-18 | CVE-2023-28140 | Uncontrolled Search Path Element vulnerability in Qualys Cloud Agent 3.1.3.34 An Executable Hijacking condition exists in the Qualys Cloud Agent for Windows platform in versions before 4.5.3.1. | 7.0 |
| 2023-04-11 | CVE-2023-29187 | Uncontrolled Search Path Element vulnerability in SAP Sapsetup 9.0 A Windows user with basic user authorization can exploit a DLL hijacking attack in SapSetup (Software Installation Program) - version 9.0, resulting in a privilege escalation running code as administrator of the very same Windows PC. | 6.7 |
| 2023-04-04 | CVE-2022-48222 | Uncontrolled Search Path Element vulnerability in Gbgplc Acuant Acufill SDK An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. | 7.8 |