Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-17 | CVE-2022-26081 | Uncontrolled Search Path Element vulnerability in Kingsoft WPS Office 10.8.0.5745 The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer. | 7.8 |
| 2022-03-17 | CVE-2022-26511 | Uncontrolled Search Path Element vulnerability in Kingsoft WPS Presentation 11.8.0.5745 WPS Presentation 11.8.0.5745 insecurely load d3dx9_41.dll when opening .pps files('current directory type' DLL loading). | 7.8 |
| 2022-03-11 | CVE-2022-23401 | Uncontrolled Search Path Element vulnerability in Yokogawa products The following Yokogawa Electric products contain insecure DLL loading issues. | 7.8 |
| 2022-03-08 | CVE-2022-26319 | Uncontrolled Search Path Element vulnerability in Trendmicro Portable Security 2.0/3.0 An installer search patch element vulnerability in Trend Micro Portable Security 3.0 Pro, 3.0 and 2.0 could allow a local attacker to place an arbitrarily generated DLL file in an installer folder to elevate local privileges. | 6.5 |
| 2022-03-08 | CVE-2022-26337 | Uncontrolled Search Path Element vulnerability in Trendmicro Password Manager Trend Micro Password Manager (Consumer) installer version 5.0.0.1262 and below is vulnerable to an Uncontrolled Search Path Element vulnerability that could allow an attacker to use a specially crafted file to exploit the vulnerability and escalate local privileges on the affected machine. | 7.8 |
| 2022-03-03 | CVE-2022-22943 | Uncontrolled Search Path Element vulnerability in VMWare Tools VMware Tools for Windows (11.x.y and 10.x.y prior to 12.0.0) contains an uncontrolled search path vulnerability. | 6.7 |
| 2022-02-16 | CVE-2022-23202 | Uncontrolled Search Path Element vulnerability in Adobe Creative Cloud Desktop Application 2.4/2.5/2.7.0.13 Adobe Creative Cloud Desktop version 2.7.0.13 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. | 7.0 |
| 2022-02-15 | CVE-2021-43940 | Uncontrolled Search Path Element vulnerability in Atlassian Confluence Data Center Affected versions of Atlassian Confluence Server and Data Center allow authenticated local attackers to achieve elevated privileges on the local system via a DLL Hijacking vulnerability in the Confluence installer. | 7.8 |
| 2022-02-14 | CVE-2022-23410 | Uncontrolled Search Path Element vulnerability in Axis IP Utility 4.17.0 AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. | 7.8 |
| 2022-02-11 | CVE-2022-23853 | Uncontrolled Search Path Element vulnerability in KDE Ktexteditor The LSP (Language Server Protocol) plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91.0 tries to execute the associated LSP server binary when opening a file of a given type. | 7.8 |