Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-20 | CVE-2020-25502 | Uncontrolled Search Path Element vulnerability in Cybereason Endpoint Detection and Response 20.2.0 Cybereason EDR version 19.1.282 and above, 19.2.182 and above, 20.1.343 and above, and 20.2.X and above has a DLL hijacking vulnerability, which could allow a local attacker to execute code with elevated privileges. | 7.8 |
| 2023-01-12 | CVE-2023-0247 | Uncontrolled Search Path Element vulnerability in Bloom Project Bloom Uncontrolled Search Path Element in GitHub repository bits-and-blooms/bloom prior to 3.3.1. | 7.8 |
| 2023-01-11 | CVE-2023-22947 | Uncontrolled Search Path Element vulnerability in Shibboleth Service Provider Insecure folder permissions in the Windows installation path of Shibboleth Service Provider (SP) before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. | 7.3 |
| 2023-01-06 | CVE-2022-44939 | Uncontrolled Search Path Element vulnerability in Echatserver Easy Chat Server 3.1 Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. | 7.8 |
| 2022-12-22 | CVE-2022-22736 | Uncontrolled Search Path Element vulnerability in Mozilla Firefox If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. | 7.0 |
| 2022-12-22 | CVE-2022-36314 | Uncontrolled Search Path Element vulnerability in Mozilla Firefox When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.<br>This bug only affects Firefox for Windows. | 5.5 |
| 2022-12-22 | CVE-2021-36631 | Uncontrolled Search Path Element vulnerability in Baidu Baidunetdisk 7.4.3 Untrusted search path vulnerability in Baidunetdisk Version 7.4.3 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 6.7 |
| 2022-12-21 | CVE-2022-46330 | Uncontrolled Search Path Element vulnerability in Squirrel.Windows Project Squirrel.Windows Squirrel.Windows is both a toolset and a library that provides installation and update functionality for Windows desktop applications. | 7.8 |
| 2022-12-19 | CVE-2022-42945 | Uncontrolled Search Path Element vulnerability in Autodesk DWG Trueview 2023 DWG TrueViewTM 2023 version has a DLL Search Order Hijacking vulnerability. | 7.8 |
| 2022-12-13 | CVE-2022-43722 | Uncontrolled Search Path Element vulnerability in Siemens Sicam Pas/Pqs A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). | 7.8 |