Vulnerabilities > Uncontrolled Search Path Element
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-13 | CVE-2022-24077 | Uncontrolled Search Path Element vulnerability in Naver Cloud Explorer Naver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL injection. | 7.8 |
2022-06-10 | CVE-2022-29092 | Uncontrolled Search Path Element vulnerability in Dell products Dell SupportAssist Client Consumer versions (3.11.0 and versions prior) and Dell SupportAssist Client Commercial versions (3.2.0 and versions prior) contain a privilege escalation vulnerability. | 7.8 |
2022-06-09 | CVE-2017-20018 | Uncontrolled Search Path Element vulnerability in Apachefriends Xampp 7.1.10Vc14 A vulnerability was found in XAMPP 7.1.1-0-VC14. | 7.8 |
2022-06-07 | CVE-2022-30744 | Uncontrolled Search Path Element vulnerability in Samsung Kies DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to version 2.6.4.22043_1 allows attacker to execute arbitrary code. | 7.8 |
2022-05-27 | CVE-2022-28394 | Uncontrolled Search Path Element vulnerability in Trendmicro Password Manager EOL Product CVE - Installer of Trend Micro Password Manager (Consumer) versions 3.7.0.1223 and below provided by Trend Micro Incorporated contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). | 7.8 |
2022-05-27 | CVE-2022-30701 | Uncontrolled Search Path Element vulnerability in Trendmicro Apex ONE 2019 An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to craft a special configuration file to load an untrusted library with escalated privileges on affected installations. | 7.8 |
2022-05-24 | CVE-2022-23050 | Uncontrolled Search Path Element vulnerability in Zohocorp Manageengine Applications Manager ManageEngine AppManager15 (Build No:15510) allows an authenticated admin user to upload a DLL file to perform a DLL hijack attack inside the 'working' folder through the 'Upload Files / Binaries' functionality. | 7.2 |
2022-05-23 | CVE-2022-31467 | Uncontrolled Search Path Element vulnerability in Quickheal Total Security 10.1.0.316/11.00/12.00 A DLL hijacking vulnerability in the installed for Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, leading to execution of arbitrary code, via the installer not restricting the search path for required DLLs and then not verifying the signature of the DLLs it tries to load. | 7.3 |
2022-05-20 | CVE-2022-28965 | Uncontrolled Search Path Element vulnerability in Avast Premium Security 19.8.2393/20.8.2429 Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file. | 6.5 |
2022-05-16 | CVE-2022-30696 | Uncontrolled Search Path Element vulnerability in Acronis Snap Deploy 6 Local privilege escalation due to a DLL hijacking vulnerability. | 7.8 |