Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-11 | CVE-2022-23401 | Uncontrolled Search Path Element vulnerability in Yokogawa products The following Yokogawa Electric products contain insecure DLL loading issues. | 3.7 |
| 2022-03-08 | CVE-2022-26319 | Uncontrolled Search Path Element vulnerability in Trendmicro Portable Security 2.0/3.0 An installer search patch element vulnerability in Trend Micro Portable Security 3.0 Pro, 3.0 and 2.0 could allow a local attacker to place an arbitrarily generated DLL file in an installer folder to elevate local privileges. | 6.9 |
| 2022-03-08 | CVE-2022-26337 | Uncontrolled Search Path Element vulnerability in Trendmicro Password Manager Trend Micro Password Manager (Consumer) installer version 5.0.0.1262 and below is vulnerable to an Uncontrolled Search Path Element vulnerability that could allow an attacker to use a specially crafted file to exploit the vulnerability and escalate local privileges on the affected machine. | 9.3 |
| 2022-03-03 | CVE-2022-22943 | Uncontrolled Search Path Element vulnerability in VMWare Tools VMware Tools for Windows (11.x.y and 10.x.y prior to 12.0.0) contains an uncontrolled search path vulnerability. | 7.2 |
| 2022-02-16 | CVE-2022-23202 | Uncontrolled Search Path Element vulnerability in Adobe Creative Cloud Desktop Application 2.4/2.5/2.7.0.13 Adobe Creative Cloud Desktop version 2.7.0.13 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. | 5.1 |
| 2022-02-15 | CVE-2021-43940 | Uncontrolled Search Path Element vulnerability in Atlassian Confluence Server Affected versions of Atlassian Confluence Server and Data Center allow authenticated local attackers to achieve elevated privileges on the local system via a DLL Hijacking vulnerability in the Confluence installer. | 6.9 |
| 2022-02-14 | CVE-2022-23410 | Uncontrolled Search Path Element vulnerability in Axis IP Utility 4.17.0 AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. | 4.4 |
| 2022-02-11 | CVE-2022-23853 | Uncontrolled Search Path Element vulnerability in KDE Ktexteditor The LSP (Language Server Protocol) plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91.0 tries to execute the associated LSP server binary when opening a file of a given type. | 7.8 |
| 2022-02-11 | CVE-2022-24955 | Uncontrolled Search Path Element vulnerability in Foxit PDF Editor and PDF Reader Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have an Uncontrolled Search Path Element for DLL files. | 7.5 |
| 2022-02-09 | CVE-2021-0169 | Uncontrolled Search Path Element vulnerability in Intel products Uncontrolled Search Path Element in software for Intel(R) PROSet/Wireless Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable escalation of privilege via local access. | 4.6 |