Vulnerabilities > Uncontrolled Search Path Element
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-12 | CVE-2022-22139 | Uncontrolled Search Path Element vulnerability in Intel Extreme Tuning Utility 6.4.1.21/6.5.1.360/6.5.3.25 Uncontrolled search path in the Intel(R) XTU software before version 7.3.0.33 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.3 |
2022-05-11 | CVE-2022-0025 | Uncontrolled Search Path Element vulnerability in Paloaltonetworks Cortex XDR Agent 7.7.1 A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. | 6.7 |
2022-05-11 | CVE-2021-34606 | Uncontrolled Search Path Element vulnerability in Xinje Xd/E Series PLC Program Tool A vulnerability exists in XINJE XD/E Series PLC Program Tool in versions up to v3.5.1 that can allow an authenticated, local attacker to load a malicious DLL. | 7.3 |
2022-05-06 | CVE-2021-42743 | Uncontrolled Search Path Element vulnerability in Splunk A misconfiguration in the node default path allows for local privilege escalation from a lower privileged user to the Splunk user in Splunk Enterprise versions before 8.1.1 on Windows. | 7.8 |
2022-05-04 | CVE-2021-20051 | Uncontrolled Search Path Element vulnerability in Sonicwall Global VPN Client 4.10.4.0314/4.10.6/4.10.7.1117 SonicWall Global VPN Client 4.10.7.1117 installer (32-bit and 64-bit) and earlier versions have a DLL Search Order Hijacking vulnerability in one of the installer components. | 7.8 |
2022-05-03 | CVE-2022-28792 | Uncontrolled Search Path Element vulnerability in Samsung Gear Iconx PC Manager DLL hijacking vulnerability in Gear IconX PC Manager prior to version 2.1.220405.51 allows attacker to execute arbitrary code. | 7.8 |
2022-04-22 | CVE-2022-0192 | Uncontrolled Search Path Element vulnerability in Lenovo Pcmanager A DLL search path vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175 that could allow privilege escalation. | 7.8 |
2022-04-12 | CVE-2022-24767 | Uncontrolled Search Path Element vulnerability in multiple products GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account. | 7.8 |
2022-04-12 | CVE-2022-23449 | Uncontrolled Search Path Element vulnerability in Siemens products A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1). | 7.3 |
2022-04-11 | CVE-2022-27842 | Uncontrolled Search Path Element vulnerability in Samsung Smart Switch PC DLL hijacking vulnerability in Smart Switch PC prior to version 4.2.22022_4 allows attacker to execute abitrary code. | 7.8 |