Vulnerabilities > Uncontrolled Search Path Element

DATE CVE VULNERABILITY TITLE RISK
2022-06-16 CVE-2017-20051 Uncontrolled Search Path Element vulnerability in Jrsoftware Inno Setup
A vulnerability was found in InnoSetup Installer.
4.4
2022-06-16 CVE-2017-20052 Uncontrolled Search Path Element vulnerability in Python 2.7.13
A vulnerability classified as problematic was found in Python 2.7.13.
local
low complexity
python CWE-427
7.8
2022-06-15 CVE-2022-22788 Uncontrolled Search Path Element vulnerability in Zoom Meetings and Rooms
The Zoom Opener installer is downloaded by a user from the Launch meeting page, when attempting to join a meeting without having the Zoom Meeting Client installed.
local
zoom CWE-427
6.9
2022-06-13 CVE-2022-24077 Uncontrolled Search Path Element vulnerability in Naver Cloud Explorer
Naver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL injection.
local
naver CWE-427
6.9
2022-06-10 CVE-2022-29092 Uncontrolled Search Path Element vulnerability in Dell products
Dell SupportAssist Client Consumer versions (3.11.0 and versions prior) and Dell SupportAssist Client Commercial versions (3.2.0 and versions prior) contain a privilege escalation vulnerability.
local
low complexity
dell CWE-427
7.2
2022-06-09 CVE-2017-20018 Uncontrolled Search Path Element vulnerability in Apachefriends Xampp 7.1.10Vc14
A vulnerability was found in XAMPP 7.1.1-0-VC14.
4.4
2022-06-07 CVE-2022-30744 Uncontrolled Search Path Element vulnerability in Samsung Kies
DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to version 2.6.4.22043_1 allows attacker to execute arbitrary code.
4.4
2022-05-27 CVE-2022-28394 Uncontrolled Search Path Element vulnerability in Trendmicro Password Manager
EOL Product CVE - Installer of Trend Micro Password Manager (Consumer) versions 3.7.0.1223 and below provided by Trend Micro Incorporated contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).
6.9
2022-05-27 CVE-2022-30701 Uncontrolled Search Path Element vulnerability in Trendmicro Apex ONE 2019
An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to craft a special configuration file to load an untrusted library with escalated privileges on affected installations.
local
low complexity
trendmicro CWE-427
7.2
2022-05-24 CVE-2022-23050 Uncontrolled Search Path Element vulnerability in Zohocorp Manageengine Applications Manager
ManageEngine AppManager15 (Build No:15510) allows an authenticated admin user to upload a DLL file to perform a DLL hijack attack inside the 'working' folder through the 'Upload Files / Binaries' functionality.
network
low complexity
zohocorp CWE-427
7.2