Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-14 | CVE-2021-4007 | Uncontrolled Search Path Element vulnerability in Rapid7 Insight Agent Rapid7 Insight Agent, versions 3.0.1 to 3.1.2.34, suffer from a local privilege escalation due to an uncontrolled DLL search path. | 7.2 |
| 2021-12-08 | CVE-2021-20047 | Uncontrolled Search Path Element vulnerability in Sonicwall Global VPN Client SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and earlier have a DLL Search Order Hijacking vulnerability. | 6.9 |
| 2021-12-06 | CVE-2021-43037 | Uncontrolled Search Path Element vulnerability in Kaseya Unitrends Backup An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. | 7.8 |
| 2021-12-01 | CVE-2021-32592 | Uncontrolled Search Path Element vulnerability in Fortinet products An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x and FortiClientEMS 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x may allow an attacker to perform a DLL Hijack attack on affected devices via a malicious OpenSSL engine library in the search path. | 6.9 |
| 2021-11-29 | CVE-2021-44198 | Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15 DLL hijacking could lead to local privilege escalation. | 4.4 |
| 2021-11-29 | CVE-2021-44199 | Uncontrolled Search Path Element vulnerability in Acronis Agent, Cyber Protect and Cyber Protect Home Office DLL hijacking could lead to denial of service. | 1.9 |
| 2021-11-17 | CVE-2021-0082 | Uncontrolled Search Path Element vulnerability in Intel products Uncontrolled search path in software installer for Intel(R) PROSet/Wireless WiFi in Windows 10 may allow an authenticated user to potentially enable escalation of privilege via local access. | 4.4 |
| 2021-11-12 | CVE-2021-3840 | Uncontrolled Search Path Element vulnerability in Lenovo Antilles 1.0.0 A dependency confusion vulnerability was reported in the Antilles open-source software prior to version 1.0.1 that could allow for remote code execution during installation due to a package listed in requirements.txt not existing in the public package index (PyPi). | 6.8 |
| 2021-11-10 | CVE-2021-31853 | Uncontrolled Search Path Element vulnerability in Mcafee Drive Encryption DLL Search Order Hijacking Vulnerability in McAfee Drive Encryption (MDE) prior to 7.3.0 HF2 (7.3.0.183) allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder. | 7.8 |
| 2021-11-03 | CVE-2021-38416 | Uncontrolled Search Path Element vulnerability in Deltaww Dialink 1.2.4.0 Delta Electronics DIALink versions 1.2.4.0 and prior insecurely loads libraries, which may allow an attacker to use DLL hijacking and takeover the system where the software is installed. | 4.4 |