Vulnerabilities > Uncontrolled Search Path Element

DATE CVE VULNERABILITY TITLE RISK
2022-04-11 CVE-2022-27843 Uncontrolled Search Path Element vulnerability in Samsung Kies 2.3.2.12074/2.3.2.120741313/2.5.0.120942711
DLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 allows attacker to execute abitrary code.
local
low complexity
samsung CWE-427
7.8
2022-04-11 CVE-2022-28541 Uncontrolled Search Path Element vulnerability in Samsung Update
Uncontrolled search path element vulnerability in Samsung Update prior to version 3.0.77.0 allows attackers to execute arbitrary code as Samsung Update permission.
local
low complexity
samsung CWE-427
7.8
2022-04-11 CVE-2022-28779 Uncontrolled Search Path Element vulnerability in Samsung Android USB Driver Windows Installer
Uncontrolled search path element vulnerability in Samsung Android USB Driver windows installer program prior to version 1.7.50 allows attacker to execute arbitrary code.
local
low complexity
samsung CWE-427
7.8
2022-04-05 CVE-2022-25154 Uncontrolled Search Path Element vulnerability in Samsung T5 Firmware
A DLL hijacking vulnerability in Samsung portable SSD T5 PC software before 1.6.9 could allow a local attacker to escalate privileges.
local
low complexity
samsung CWE-427
7.3
2022-04-01 CVE-2022-1098 Uncontrolled Search Path Element vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (all versions prior to 1.8.02.004) are vulnerable to a DLL hijacking condition.
local
low complexity
deltaww CWE-427
7.8
2022-04-01 CVE-2022-24426 Uncontrolled Search Path Element vulnerability in Dell Alienware Update, Command Update and Update
Dell Command | Update, Dell Update, and Alienware Update version 4.4.0 contains a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component.
local
low complexity
dell CWE-427
7.8
2022-03-31 CVE-2022-25348 Uncontrolled Search Path Element vulnerability in Hibara Attachecase
Untrusted search path vulnerability in AttacheCase ver.4.0.2.7 and earlier allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory.
local
low complexity
hibara CWE-427
7.8
2022-03-31 CVE-2022-28128 Uncontrolled Search Path Element vulnerability in Hibara Attachecase
Untrusted search path vulnerability in AttacheCase ver.3.6.1.0 and earlier allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory.
local
low complexity
hibara CWE-427
7.8
2022-03-30 CVE-2022-22996 Uncontrolled Search Path Element vulnerability in Westerndigital products
The G-RAID 4/8 Software Utility setups for Windows were affected by a DLL hijacking vulnerability.
local
low complexity
westerndigital CWE-427
7.8
2022-03-23 CVE-2021-44226 Uncontrolled Search Path Element vulnerability in Razer Synapse
Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on %PROGRAMDATA%\Razer\Synapse3\Service\bin even if %PROGRAMDATA%\Razer has been created by any unprivileged user before Synapse is installed.
local
low complexity
razer CWE-427
7.3