Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-29 | CVE-2021-22037 | Uncontrolled Search Path Element vulnerability in VMWare Installbuilder Under certain circumstances, when manipulating the Windows registry, InstallBuilder uses the reg.exe system command. | 7.8 |
| 2021-10-22 | CVE-2021-30359 | Uncontrolled Search Path Element vulnerability in Checkpoint Harmony Browse and Sandblast Agent for Browsers The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. | 7.8 |
| 2021-10-21 | CVE-2021-42101 | Uncontrolled Search Path Element vulnerability in Trendmicro Apex ONE 2019 An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. | 7.8 |
| 2021-10-21 | CVE-2021-42102 | Uncontrolled Search Path Element vulnerability in Trendmicro Apex ONE 2019 An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service agents could allow a local attacker to escalate privileges on affected installations. | 7.8 |
| 2021-10-21 | CVE-2021-42103 | Uncontrolled Search Path Element vulnerability in Trendmicro Apex ONE 2019 An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. | 7.8 |
| 2021-09-29 | CVE-2021-32466 | Uncontrolled Search Path Element vulnerability in Trendmicro Housecall for Home Networks An uncontrolled search path element privilege escalation vulnerability in Trend Micro HouseCall for Home Networks version 5.3.1225 and below could allow an attacker to escalate privileges by placing a custom crafted file in a specific directory to load a malicious library. | 7.0 |
| 2021-09-27 | CVE-2021-40981 | Uncontrolled Search Path Element vulnerability in Asus Armoury Crate Lite Service ASUS ROG Armoury Crate Lite before 4.2.10 allows local users to gain privileges by placing a Trojan horse file in the publicly writable %PROGRAMDATA%\ASUS\GamingCenterLib directory. | 7.3 |
| 2021-09-24 | CVE-2021-28130 | Uncontrolled Search Path Element vulnerability in Drweb Security Space 12.5.2.4160 Dr.Web Firewall 12.5.2.4160 on Windows incorrectly restricts applications signed by Dr.Web. | 7.8 |
| 2021-09-23 | CVE-2021-26750 | Uncontrolled Search Path Element vulnerability in Pandasecurity Panda Adaptive Defense 360 and Panda Devices Agent DLL hijacking in Panda Agent <=1.16.11 in Panda Security, S.L.U. | 7.8 |
| 2021-09-22 | CVE-2021-31847 | Uncontrolled Search Path Element vulnerability in Mcafee Agent Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. | 7.8 |