Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-13 | CVE-2021-1240 | Uncontrolled Search Path Element vulnerability in Cisco Proximity A vulnerability in the loading process of specific DLLs in Cisco Proximity Desktop for Windows could allow an authenticated, local attacker to load a malicious library. | 7.3 |
| 2021-01-13 | CVE-2021-1237 | Uncontrolled Search Path Element vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in the Network Access Manager and Web Security Agent components of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL injection attack. | 7.8 |
| 2021-01-13 | CVE-2021-20616 | Uncontrolled Search Path Element vulnerability in Skygroup Skysea Client View Untrusted search path vulnerability in the installer of SKYSEA Client View Ver.1.020.05b to Ver.16.001.01g allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 4.4 |
| 2021-01-11 | CVE-2020-35483 | Uncontrolled Search Path Element vulnerability in Anydesk 5.4.2/6.0.8 AnyDesk before 6.1.0 on Windows, when run in portable mode on a system where the attacker has write access to the application directory, allows this attacker to compromise a local user account via a read-only setting for a Trojan horse gcapi.dll file. | 4.4 |
| 2020-12-24 | CVE-2020-5681 | Uncontrolled Search Path Element vulnerability in Epson products Untrusted search path vulnerability in self-extracting files created by EpsonNet SetupManager versions 2.2.14 and earlier, and Offirio SynergyWare PrintDirector versions 1.6x/1.6y and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
| 2020-12-12 | CVE-2020-29654 | Uncontrolled Search Path Element vulnerability in Westerndigital Dashboard Western Digital Dashboard before 3.2.2.9 allows DLL Hijacking that leads to compromise of the SYSTEM account. | 6.9 |
| 2020-12-11 | CVE-2020-24447 | Uncontrolled Search Path Element vulnerability in Adobe Lightroom 10.0/9.2.0.10/9.3 Adobe Lightroom Classic version 10.0 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. | 3.7 |
| 2020-12-11 | CVE-2020-24440 | Uncontrolled Search Path Element vulnerability in Adobe Prelude 9.0/9.0.1 Adobe Prelude version 9.0.1 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. | 3.7 |
| 2020-12-09 | CVE-2020-2049 | Uncontrolled Search Path Element vulnerability in Paloaltonetworks Cortex XDR Agent 7.1/7.1.2/7.2 A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that allows an authenticated local Windows user to execute programs with SYSTEM privileges. | 7.2 |
| 2020-12-04 | CVE-2020-28950 | Uncontrolled Search Path Element vulnerability in Kaspersky Anti-Ransomware Tool 4.0 The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during installation process. | 6.9 |