Vulnerabilities > Uncontrolled Search Path Element

DATE CVE VULNERABILITY TITLE RISK
2022-10-26 CVE-2022-39286 Uncontrolled Search Path Element vulnerability in multiple products
Jupyter Core is a package for the core common functionality of Jupyter projects.
network
low complexity
jupyter debian fedoraproject CWE-427
8.8
2022-10-24 CVE-2022-41796 Uncontrolled Search Path Element vulnerability in Sony Content Transfer 1.3
Untrusted search path vulnerability in the installer of Content Transfer (for Windows) Ver.1.3 and prior allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
sony CWE-427
7.8
2022-10-12 CVE-2022-33921 Uncontrolled Search Path Element vulnerability in Dell Geodrive
Dell GeoDrive, versions prior to 2.2, contains Multiple DLL Hijacking Vulnerabilities.
local
low complexity
dell CWE-427
7.8
2022-09-19 CVE-2022-40978 Uncontrolled Search Path Element vulnerability in Jetbrains Intellij Idea
The installer of JetBrains IntelliJ IDEA before 2022.2.2 was vulnerable to EXE search order hijacking
local
low complexity
jetbrains CWE-427
7.8
2022-09-16 CVE-2022-2333 Uncontrolled Search Path Element vulnerability in Honeywell Softmaster 4.51
If an attacker manages to trick a valid user into loading a malicious DLL, the attacker may be able to achieve code execution in Honeywell SoftMaster version 4.51 application’s context and permissions.
local
low complexity
honeywell CWE-427
7.8
2022-09-13 CVE-2022-34101 Uncontrolled Search Path Element vulnerability in Crestron Airmedia 4.3.1.39
A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can place a malicious DLL in a certain path to execute code and preform a privilege escalation attack.
local
low complexity
crestron CWE-427
7.8
2022-09-13 CVE-2022-38633 Uncontrolled Search Path Element vulnerability in Genymobile Genymotion Desktop 3.2.1
Genymotion Desktop v3.2.1 was discovered to contain a DLL hijacking vulnerability which allows attackers to escalate privileges and execute arbitrary code via a crafted binary.
local
low complexity
genymobile CWE-427
7.8
2022-09-09 CVE-2022-39846 Uncontrolled Search Path Element vulnerability in Samsung Smart Switch PC 4.2.220224/4.3.22083
DLL hijacking vulnerability in Smart Switch PC prior to version 4.3.22083_3 allows attacker to execute arbitrary code.
local
low complexity
samsung CWE-427
7.8
2022-09-07 CVE-2022-36271 Uncontrolled Search Path Element vulnerability in Outbyte PC Repair 1.7.112.7856
Outbyte PC Repair Installation File 1.7.112.7856 is vulnerable to Dll Hijacking.
local
low complexity
outbyte CWE-427
7.8
2022-08-18 CVE-2022-21807 Uncontrolled Search Path Element vulnerability in Intel Vtune Profiler
Uncontrolled search path elements in the Intel(R) VTune(TM) Profiler software before version 2022.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-427
7.8