Vulnerabilities > Uncontrolled Search Path Element
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-18 | CVE-2021-37617 | Uncontrolled Search Path Element vulnerability in Nextcloud Desktop The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. | 7.3 |
| 2021-08-17 | CVE-2021-3633 | Uncontrolled Search Path Element vulnerability in Lenovo Drivers Management 2.7.1128.1046 A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation. | 7.8 |
| 2021-08-12 | CVE-2021-38086 | Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15 Acronis Cyber Protect 15 for Windows prior to build 27009 and Acronis Agent for Windows prior to build 26226 allowed local privilege escalation via DLL hijacking. | 7.8 |
| 2021-08-11 | CVE-2021-36770 | Uncontrolled Search Path Element vulnerability in multiple products Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library (in the current working directory) that preempts dynamic module loading. | 7.8 |
| 2021-08-11 | CVE-2021-38571 | Uncontrolled Search Path Element vulnerability in Foxitsoftware Foxit Reader An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. | 7.8 |
| 2021-08-11 | CVE-2021-0160 | Uncontrolled Search Path Element vulnerability in Intel Avermedia Capture Card Uncontrolled search path in some Intel(R) NUC Pro Chassis Element AverMedia Capture Card drivers before version 3.0.64.143 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2021-08-05 | CVE-2021-32580 | Uncontrolled Search Path Element vulnerability in Acronis True Image 2021 Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to DLL hijacking. | 7.8 |
| 2021-08-04 | CVE-2021-1593 | Uncontrolled Search Path Element vulnerability in Cisco Packet Tracer A vulnerability in Cisco Packet Tracer for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device. | 7.3 |
| 2021-07-26 | CVE-2020-18173 | Uncontrolled Search Path Element vulnerability in 1Password 7.3.712 A DLL injection vulnerability in 1password.dll of 1Password 7.3.712 allows attackers to execute arbitrary code. | 7.8 |
| 2021-07-26 | CVE-2020-4623 | Uncontrolled Search Path Element vulnerability in IBM I2 Ibase 8.9.13 IBM i2 iBase 8.9.13 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking flaw. | 6.5 |