Vulnerabilities > Uncontrolled Search Path Element
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-01 | CVE-2022-1098 | Uncontrolled Search Path Element vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie (all versions prior to 1.8.02.004) are vulnerable to a DLL hijacking condition. | 4.4 |
2022-04-01 | CVE-2022-24426 | Uncontrolled Search Path Element vulnerability in Dell Alienware Update, Command Update and Update Dell Command | Update, Dell Update, and Alienware Update version 4.4.0 contains a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. | 7.2 |
2022-03-31 | CVE-2022-25348 | Uncontrolled Search Path Element vulnerability in Hibara Attachecase Untrusted search path vulnerability in AttacheCase ver.4.0.2.7 and earlier allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory. | 7.8 |
2022-03-31 | CVE-2022-28128 | Uncontrolled Search Path Element vulnerability in Hibara Attachecase Untrusted search path vulnerability in AttacheCase ver.3.6.1.0 and earlier allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory. | 7.8 |
2022-03-30 | CVE-2022-22996 | Uncontrolled Search Path Element vulnerability in Westerndigital products The G-RAID 4/8 Software Utility setups for Windows were affected by a DLL hijacking vulnerability. | 6.9 |
2022-03-23 | CVE-2021-44226 | Uncontrolled Search Path Element vulnerability in Razer Synapse Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on %PROGRAMDATA%\Razer\Synapse3\Service\bin even if %PROGRAMDATA%\Razer has been created by any unprivileged user before Synapse is installed. | 7.3 |
2022-03-18 | CVE-2020-25182 | Uncontrolled Search Path Element vulnerability in multiple products Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x searches for and loads DLLs as dynamic libraries. | 4.6 |
2022-03-17 | CVE-2022-25969 | Uncontrolled Search Path Element vulnerability in Kingsoft WPS Office 10.8.0.6186 The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer. | 6.8 |
2022-03-17 | CVE-2022-26081 | Uncontrolled Search Path Element vulnerability in Kingsoft WPS Office 10.8.0.5745 The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer. | 6.8 |
2022-03-17 | CVE-2022-26511 | Uncontrolled Search Path Element vulnerability in Kingsoft WPS Presentation 11.8.0.5745 WPS Presentation 11.8.0.5745 insecurely load d3dx9_41.dll when opening .pps files('current directory type' DLL loading). | 6.8 |