Vulnerabilities > Uncontrolled Search Path Element
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-18 | CVE-2020-25182 | Uncontrolled Search Path Element vulnerability in multiple products Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x searches for and loads DLLs as dynamic libraries. | 6.7 |
2022-03-17 | CVE-2022-25969 | Uncontrolled Search Path Element vulnerability in Kingsoft WPS Office 10.8.0.6186 The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer. | 7.8 |
2022-03-17 | CVE-2022-26081 | Uncontrolled Search Path Element vulnerability in Kingsoft WPS Office 10.8.0.5745 The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer. | 7.8 |
2022-03-17 | CVE-2022-26511 | Uncontrolled Search Path Element vulnerability in Kingsoft WPS Presentation 11.8.0.5745 WPS Presentation 11.8.0.5745 insecurely load d3dx9_41.dll when opening .pps files('current directory type' DLL loading). | 7.8 |
2022-03-11 | CVE-2022-23401 | Uncontrolled Search Path Element vulnerability in Yokogawa products The following Yokogawa Electric products contain insecure DLL loading issues. | 7.8 |
2022-03-08 | CVE-2022-26319 | Uncontrolled Search Path Element vulnerability in Trendmicro Portable Security 2.0/3.0 An installer search patch element vulnerability in Trend Micro Portable Security 3.0 Pro, 3.0 and 2.0 could allow a local attacker to place an arbitrarily generated DLL file in an installer folder to elevate local privileges. | 6.5 |
2022-03-08 | CVE-2022-26337 | Uncontrolled Search Path Element vulnerability in Trendmicro Password Manager Trend Micro Password Manager (Consumer) installer version 5.0.0.1262 and below is vulnerable to an Uncontrolled Search Path Element vulnerability that could allow an attacker to use a specially crafted file to exploit the vulnerability and escalate local privileges on the affected machine. | 7.8 |
2022-03-03 | CVE-2022-22943 | Uncontrolled Search Path Element vulnerability in VMWare Tools VMware Tools for Windows (11.x.y and 10.x.y prior to 12.0.0) contains an uncontrolled search path vulnerability. | 6.7 |
2022-02-15 | CVE-2021-43940 | Uncontrolled Search Path Element vulnerability in Atlassian Confluence Data Center Affected versions of Atlassian Confluence Server and Data Center allow authenticated local attackers to achieve elevated privileges on the local system via a DLL Hijacking vulnerability in the Confluence installer. | 7.8 |
2022-02-14 | CVE-2022-23410 | Uncontrolled Search Path Element vulnerability in Axis IP Utility 4.17.0 AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. | 7.8 |